A modern, all-in-one Governance, Risk & Compliance (GRC) solution designed for privacy, security, and compliance teams. As an open-source alternative to Vanta and Drata, this platform empowers teams with full control, flexibility, and transparency—no vendor lock-in, just powerful compliance automation and risk management. ISO27k, GDPR, SOC2, NIST

Governance, Risk, and Compliance (GRC) is a structured way to align IT with business goals while managing risks and meeting all industry and government regulations.

Interviewing Help for Information Security Jobs (With Answers)

NIST AI RMF applied to a real research cluster. We govern our own AI tools, document decisions, and share templates. Practical governance for small teams.

PolicyBind is an AI Policy-as-Code platform that enables organizations to govern AI usage through a unified model registry, real-time token-based access control, and automated compliance reporting for frameworks like the EU AI Act and NIST AI RMF.

Canonical proto3 definitions for Chaukas: audit events, traces, decisions, and governance signals.

RampControl manages and tracks security compliance per FedRAMP requirements. It allows users to add new system security plans, manage POA&M entries, and export data in OSCAL format.

One line to instrument your agent and capture every event in an immutable, queryable audit trail.

This repository is a curated collection of concepts, explanations, real-world examples, and best practices related to cybersecurity.

[WIP] Notes on the SOC Compliance Framework, from a Compliance and Auditing workshop conducted by Erika McDuffie.

Verifywise user documentation

Learn how GRC (Governance, Risk & Compliance) skills are driving modern careers. Includes salary insights, certifications, and top global learning resources.

The REChain Network Governance UI is part of the REChain Network Solutions GitHub organization, which focuses on developing decentralized solutions using blockchain technology. Their mission is to ensure user privacy, data security, and anonymity on the internet by leveraging blockchain's capabilities.

Power BI Cyber GRC dashboard for vulnerability SLAs, breach rate and critical server risk.

A research analysis on the convergence of Post-Quantum Cryptography (PQC) and Zero Trust Architecture (ZTA), addressing the 'Harvest Now, Decrypt Later' threat model and NIST 2024 standards.

Per-PR CI gates for AI-generated code and data, with attachable evidence packs for reviewers and compliance.

Just my portfolio

Mini Case Study on AI Risk for BetterFit Application — PDF, Risk Register, Visuals.

SmartCompliance — AI-powered Policy to SCF Mapping System Intelligent compliance management tool that uses RAG and semantic similarity to map company policies to the Secure Controls Framework (SCF) with explainable confidence scoring, visual dashboards, and PDF reporting.