C1Risk

Great GRC solution for any sized organization

Pros:

Because it's based on the SalesForce platform, the GRC software is stable and functional. Plus the support that I've received for training, customization, and reporting is quick and effective.

Cons:

This software does the GRC tracking that it needs to do and better than other software tool options. GRC software is can be challenging and this software is the least challenging to setup and start using.

Robust Tool / Outstanding Support

Comments: There are so many great things to say about CyberOne but the support is really top quality. The team is always available for training and to work through issues and just share knowledge with us. Training for nonpractitioners (evidence owners) has been easy and overall we feel like CyberOne is really a valuable extension to our team! I have already recommended this product to a peer and will continue to do so.

Pros:

We are a law firm in our second year of working with CyberOne for ISO Certification, Access Review, and Contract Management. One of the many attributes of this platform is that it has enabled us to manage a variety of projects on a single platform. We are currently in surveillance audits for ISO 27001 certification, our quarterly access review process is automated on CyberOne, we are building a complex contract management program and evaluating further use cases. Perhaps the biggest benefit to the product is that we have access to the full platform and all modules for a single price, so we can budget effectively and scale our program with CyberOne without any hidden costs or budget surprises. The modules are also all integrated so we connect all of our policies, controls, and ultimately all our risk and compliance in this platform. Specifically, regarding our compliance and audit needs, the automated evidence collection process in CyberOne has worked really well and helped us expedite our audits. We were able to conduct our audit on-screen with our auditor, using CyberOne. Beyond ISO, CyberOne has also provided us with crosswalks to other frameworks, which they manage and update. It is great to know that we can build our risk register, manage findings and manage third-party risk assessments on this platform. We are excited to see all we can do!

Cons:

Because the tool is so robust, early on with the onboarding, I sometimes would find myself on the wrong page - nothing that a little time and familiarizing myself couldn't resolve.

Great Product, Amazing Customer Support

Comments: This product helped our team raise our Gartner maturity rating and solve our issue management problems

Pros:

- Very easy to use and met all of our needs. - Customer support team is very accessible - Friendly user interface - Easy to use reporting tools - Can enable MFA and/or integrate with access management systems

Cons:

Our team was not able to work on development of new functionality, we had to rely on CyberOne to make changes. I wish wish we had to ability to make changes to email notifications, the required fields for assessments, and automation.

Ryan-Dinsmore Review

Comments: We are using C1Risk to build out and mature our wholistic GRC program; from vendor management, to issue tracking and resolution, audit management, and maintaining a comprehensive risk register. C1Risk is enabling us to do all of those in one place, in an interconnected way.

Pros:

The ability to connect the various facets of your risk program in one place and in a logical way is simply awesome. It's a tool you can use to identify, measure, control, and mitigate risks all in a linear and consistent fashion. It enables a level of program maturity that was previously out of reach for many organizations.

Cons:

I'll get back to you on that one. Thus far, anything I have found missing or lacking is already on their roadmap and soon to be implemented.

CyberOne Review from a non tech person

Comments: CyberOne is a great organizational tool, a time saver and has assisted in broadening my knowledge of the audit requirements. I have gained valuable knowledge by starting at ground level with the control library and building the internal controls and evidence checklists which eventually lead to document requests. Following each step in the process has reduced the amount of time spent gathering evidence and ensured that we were capturing once and applying efficiently to each requirement without duplication of work therefore reducing my workload by at least 50-75% .
The ability to schedule document requests instead of just in time processing is valuable beyond measure! Because of this feature I've been able to concentrate on other tasks, feeling confident that the request will be made as or when required whether it is monthly, quarterly or yearly.
I am not a "techie" person, but I know how to navigate around in a computer. CyberOne was user friendly and easy to use and adapted to the needs of our business easily.

Pros:

The software is versatile, in that you can manage your own dashboard to your specific needs of the business. It allows you to have several dashboards available to work with during the many phases of an audit with ease of gathering and presenting documentation professionally. With the online training it was easy to get started, and figure out what your needs were. It allows you to grow as you build and make changes as you build and not impact the final outcome. CyberOne Support were fantastic in providing training and answering any questions I had. They were willing to work with us and ensure the product served our needs.

Cons:

There is nothing I can say bad about the software. The developers were quick to respond and help solve any issues we had.