Free Download Schedule a Demo 30 Day Trial

A comprehensive GRC solution that is

Simple. effective. affordable.
GET STARTED

WHY SIMPLERISK?

  • Simple - Intuitive workflows Promotes organization-wide adoption.
  • Effective - From "zero to GRC" in minutes.
  • Affordable - Comprehensive Governance, Risk Management and Compliance at a fraction of the cost.

SIMPLERISK CORE

A foundational GRC platform for all organizations.

Install in minutes
Free and open source
Eliminate reliance on spreadsheets

What is SimpleRisk Core?

SimpleRisk Core is the free and open source component of SimpleRisk that includes all of our basic Governance, Risk Management and Compliance (GRC) capabilities.  It is the foundation upon which both our On-Premise and Hosted SimpleRisk offerings are built.

SimpleRisk Core is the free and open source component of SimpleRisk that includes all of our basic Governance, Risk Management and Compliance (GRC) capabilities. It is the foundation upon which both our On-Premise and Hosted SimpleRisk offerings are built.

FREE DOWNLOAD

SIMPLERISK ON-PREMISE

Extend your SimpleRisk Core functionality with advanced features and automation.

Hosted in your Environment
Add new features with the click of a button
Select the modules you need
Packaged discounts available
Enhanced support options

Basic

$9,995 YEARLY

Plus

$14,995 YEARLY

Premium

$19,995 YEARLY

SimpleRisk On-Premise enables you to run our award winning SimpleRisk software on your own servers inside of your own datacenter environment. This allows you to leverage your own internal security controls with the platform, but you are responsible for all monitoring, backups, and upgrades.

SCHEDULE A DEMO

SIMPLERISK HOSTED

A SaaS solution that enables your key resources to focus on what's most important.

From "Zero to GRC" in minutes
Advanced features and automation
Secure AWS hosting environment
Effortless upgrades to the latest release
Multiple packages to meet your needs

Small Enterprise

$4,995 YEARLY

Medium Enterprise

$9,995 YEARLY

Large Enterprise

$19,995 YEARLY

SimpleRisk Hosted combines all of the functionality of our award winning SimpleRisk software with the convenience of a fully managed hosting solution.

30 DAY FREE TRIAL

LEARN MORE ABOUT SIMPLERISK

RISK KNOWS NO BOUNDARIES

SimpleRisk is a solution that scales with the evolving requirements of your organization.

Governance

Enterprise governance activities are designed to ensure that the information that reaches your executive team is complete, accurate and timely.

MORE

Risk Management

Ensure that management identifies, analyzes, and responds appropriately to risks that may adversely affect realization your business objectives.

MORE

Compliance

Assess your state of compliance and the risks and potential costs of non-compliance in order to prioritize, fund and initiate corrective action.

MORE

Incident Management

Identify, respond to and recover from events that negatively impact your organization.

MORE

Comprehensive GRC solutions by industry

  • HEALTHCARE

  • GOVERNMENT

  • TECHNOLOGY

  • PUBLIC UTILITIES

TRUSTED BY

Quote - Allan Alford, CISO

The problem with many GRC tools is that they overreach their mission and become incredibly complex. So complex that they require dedicated resources to manage them. SimpleRisk gives you exactly what you need without all that overhead. And the best part is you can download it and get started for free!

CISO
1
Allan Alford

Quote - Greg Tatum, VP of Infrastructure and Security, DealerSocket

I previously used SimpleRisk prior to joining DealerSocket and was well aware of its value, so one of the first initiatives I undertook was to deploy SimpleRisk here as well. My primary objectives were to streamline the cumbersome process of tracking risks using spreadsheets, make our overall risk posture visible to peers and management, obtain actionable output to prioritize mitigation efforts, and satisfy PCI compliance. SimpleRisk not only meets these requirements, but is also very easy to implement, use, and manage, plus reports can be easily customized to match the needs of key stakeholders. I've found SimpleRisk to be both highly effective, and reasonably priced.

VP of Infrastructure and Security, DealerSocket
2
Greg Tatum

Quote - Nick Waringa, Information Security and Risk Manager

I have implemented Archer, Lockpath, and RSAM  at my previous employers. They all are super heavy weight and require armies of people or professional services to manage. I don't think you emphasize enough the small amount of body overhead with the payback that Simple Risk provides. There is no way my current employer could afford the previously mentioned apps.

Information Security and Risk Manager
3
Nick Waringa
Company slide - Utmost
/sites/default/files/2021-01/utmost_international_logo_black_gold-1_0.png
Company slide - Rochester
/sites/default/files/2021-02/RRH_MasterLogo_RGB_0-min.png
Company slide - iPipeline
/sites/default/files/2021-02/iPipeline_0-min.png
Company slide - Newyu
/sites/default/files/2021-02/newyu_logo_0-min.png
Company slide - National Instruments
/sites/default/files/2021-02/national-instruments_0-min.png
Company slide - Dunelm
/sites/default/files/2021-02/1200px-Dunelm_logo_0-min_0.png
Company slide - DealerSocket
/sites/default/files/2021-02/dealersocket-logo_0-min.png
Company slide - core sistemi
/sites/default/files/2021-02/LogoCORESISTEMI-2_0-min.png
Company slide - Sisk group
/sites/default/files/2021-02/SISKGroupLogo_0-min.png
Company slide - Auckland
/sites/default/files/2021-02/uoa-h-white2_0-min.png
Company slide - Akami
/sites/default/files/2021-02/akamai-logo_0-min.png

The Latest from the SimpleRisk Blog

Over the years, we've received a number of inquiries about the OWASP Risk Rating Methdology with some contention around how we have integrated it into SimpleRisk. Some have questioned how SimpleRisk reaches its final risk score while others have pointed to differences in the Skill Level values. Let's delve into this somewhat contentious topic a bit deeper...

/sites/default/files/2021-02/owasp-risk-rating-methodology.png
The OWASP Risk Rating Methodology and SimpleRisk

If the "textbook" definition of risk scoring is Risk = Likelihood x Impact, then a Severe (5) impact and an Almost Certain (5) likelihood should have a score of 25, right?  The answer isn't quite so simple...

/sites/default/files/2021-02/two_plus_two_0.jpg
Normalizing Risk Scoring Across Different Methodologies

Learn how to use SimpleRisk's Import-Export and Risk Assessment Extras in order to efficiently use the NIST Cybersecurity Framework's controls to assess your organization's risks and perform a control gap analysis.

/sites/default/files/2021-02/nist-csf-framework.png
Simplifying the NIST Cybersecurity Framework with SimpleRisk

At the end of June 2020, a civil rights coalition, which includes the Anti-Defamation League (ADL) and the NAACP, launched the #StopHateforProfit campaign.  This campaign calls upon major corporations to put a pause on Facebook advertisements, citing the company's...

/sites/default/files/2021-02/hate-fi-min-min.jpg
SimpleRisk Stands Against Hate

Today I had a really interesting conversation with a guy from Japan via LinkedIn.  It started with him trying to sell me...

/sites/default/files/2021-02/CORPORATE_17-min-min.jpg
Risk Management for Dummies

When I first released SimpleRisk as a free tool back in March of 2013, I decided to license it under the open source ...

/sites/default/files/2021-02/security-open-lock-100314298-primary.idge-min-min.jpg
The Security of Open Source vs Closed Source Software

I've been avoiding sending out an e-mail about this since I know you all have already been inundated by e-mails ...

/sites/default/files/2021-02/991-ratio-koronavirus_1-min-min_0.jpg
SimpleRisk's Plan for COVID-19

As the Information Security Program Owner at National Instruments, I spent years contemplating the answer to a ...

/sites/default/files/2021-02/simplerisk_social_media_1-min-min.png
SimpleRisk On-Premise or Hosted - Which Deployment Model is Right for You?

Back in 2013, when I first started working on SimpleRisk in my spare time on nights and weekends, I started using a ...

/sites/default/files/2021-02/cwtype-Features-min.jpg
What features do you want to see added to SimpleRisk?

As the Information Security Program Owner at National Instruments, a $1.4B global enterprise, I've spent the past ...

/sites/default/files/2021-02/simplerisk_social_media_1-min-min_14.png
SimpleRisk Now Offering Complimentary Risk Management Program Consulting to Customers

Last week I was invited to participate in Kyle Burt's live podcast featuring leaders in tech and business called ...

/sites/default/files/2021-02/simplerisk_social_media_1-min-min_13.png
SimpleRisk Founder Josh Sokol Featured on Dialed In With Kyle Burt

Currently, SimpleRisk supports six different risk scoring methods.  We have Classic Risk, which is the likelihood ...

/sites/default/files/2021-02/simplerisk_social_media_1-min-min_12.png
There is Nothing Simple About FAIR

This is just a short (1 minute) animated video explaining some of the capabilities around performing internal and ...

/sites/default/files/2021-02/simplerisk_social_media_1-min-min_11.png
How to Perform Risk Assessments (with SimpleRisk)

Unless you've been hiding under a rock for the past three weeks, you're probably familiar with CVE-2019-0708, also ...

/sites/default/files/2021-02/simplerisk_social_media_1-min-min_10.png
How to Manage the Evolving Risk of Bluekeep (with SimpleRisk)

As a CISO for a large enterprise, many times my first engagement with members of our internal teams was when ...

/sites/default/files/2021-02/simplerisk_social_media_1-min-min_9.png
Assessing Vendor Security Risks (with SimpleRisk)

KEEP UP WITH THE LATEST
PRODUCT ANNOUNCEMENTS
AND BLOG POSTS

FOLLOW US

CONTACT US