22+ production-ready GRC frameworks with codified consulting expertise. Add frameworks to your existing GRATEIC subscription.
All frameworks are available as add-ons to your existing GRATEIC Customer or Firm Portal subscription. Pricing varies by framework complexity and included content.
Requires active Customer Portal or Firm Portal subscription. View portal pricing →
These frameworks include comprehensive control-level implementation guidance, evidence requirements, and testing procedures.
Full Annex A controls with implementation guidance, evidence requirements, and audit preparation checklists.
Complete BCMS implementation with BIA templates, recovery strategies, and exercise program guidance.
All Trust Services Criteria with control objectives, testing procedures, and evidence collection guidance.
Complete CSF 2.0 with all functions, categories, and subcategories mapped to implementation tasks.
7-step RMF process with authorization documentation and continuous monitoring guidance.
Information security risk assessment and treatment methodology aligned with ISO 27001.
Complete 2017 framework with all 5 components and 20 principles for enterprise-wide risk management.
Universal risk management principles and guidelines applicable to any organization or sector.
Complete QMS implementation with process approach, risk-based thinking, and continuous improvement.
First international AI management system standard for responsible AI development and deployment.
Privacy Rule, Security Rule, and Breach Notification requirements with safeguard implementation.
Data protection principles, rights management, and DPO requirements for EU compliance.
Canadian privacy law compliance with 10 fair information principles and breach notification.
Enterprise risk management framework for federally regulated financial institutions.
Third-party risk management including outsourcing, cloud, and vendor due diligence.
Technology and cyber risk management requirements effective January 2024.
Operational risk management and resilience requirements for financial institutions.
Federal Financial Institutions Examination Council IT examination guidance and self-assessment.
Purpose, prerequisites, deliverables, and estimated hours for each process
Detailed activities with expected outcomes and completion criteria
Practical instructions from 30+ years of consulting best practices
Context-aware guidance and document generation at every task
631+ control correlations to eliminate duplicate compliance work
Available immediately with Gantt charts and document repository
Additional frameworks in development based on customer demand:
Custom frameworks available on request. Contact sales for enterprise requirements.
Contact our sales team to discuss your compliance needs and get started with your first framework.