I have implemented Archer, Lockpath, and RSAM  at my previous employers. They all are super heavy weight and require armies of people or professional services to manage. I don't think you emphasize enough the small amount of body overhead with the payback that SimpleRisk provides. There is no way my current employer could afford the previously mentioned apps.

Information Security and Risk Manager
Nick Waringa