TinyGRC Compliance

Simplifying Governance, Risk, and Compliance.

TinyGRC is an app for the Atlassian Confluence that helps you track basic compliance and visualize overall performance. Track SOC2, PCI, ISO27001, and HIPAA compliance efforts. Now includes Risk Assessment Matrix!

Getting Started

Getting Started with TinyGRC is easy. Here are few steps to get you going:

Once the page is created, you can start uploading your evidence. You will have a choice of typing in a responce, attaching multiple files, or both. You can also create new page with Risk Assessment Matrix prefilled with average responses. You can modify this page to fit your real risk exposure.

Auditors in turn can accept, reject, or mark as incomplete submitted answers, while also providing written notes in the field.

Pie chart will show overall progress. You can filter answers by clicking on pie-chart sections.

Conversely, if you are an audit firm, simply add your customer as a user to the Confluence space, and restrict that space. Interaction will be similar.

Please note: All your evidence files, comments, etc., are stored within your Confluence page by Atlassian and NOT on our servers. Therefore, it is important to restrict access to this page by clicking the lock icon on the top of the page.

Thank you for using TinyGRC.