IBM OpenPages with Watson platform features

Operationalize AI across the business

Drives GRC adoption with zero training into all three lines of defense. Infused AI guides users to quickly find and connect data. AI and advanced analytics improve data quality and reduce knowledge gaps.

Build and scale AI with trust and transparency

Make your data simple and actionable with this end-to-end prescriptive cognitive GRC solution. Configure workflows to automate GRC processes in minutes. Agile workflow and drop and drop UI speeds new use case development.

Create a business-ready analytics foundation

Targeted solutions to meet your specific GRC challenges. Choose only what you need within a single integrated platform. Scalable enterprise platform with a common object model. Comprehensive, adaptive APIs. Scales to tens of thousands of users.

Solutions features

Drive better outcomes with an integrated GRC platform that can reduce complexity and regulatory compliance expense. OpenPages is a Leader in Gartner Magic Quadrants for both IT Risk Management and Integrated Risk Management. See the solution modules below.

Business Continuity Management


Centralizes Business Continuity Data to enable visibility into the risks and controls affecting all critical business processes, people and assets.

Assessing Criticality

Built-in calculations to determine criticality of a process to your business. Perform business impact analyses to determine criticality of people, processes, and assets.

Planning and management

Develop Business Continuity Plans including, but not limited to, disaster recovery preparedness, equipment checklists, employee logistics, vendor checklists and more.

Operational Risk Management

Auto mitigate operational risk

Automate end-to-end process for identifying, analyzing, mitigating, managing and monitoring operational risk with risk and control self-assessments.

Performance indicators for all key risks

Create and monitor performance indicators for all key risks and controls. Track risk metrics with auto notifications when thresholds are breached.

Track and manage loss incidents

Loss event management enables risk managers to track loss incidents and near misses, record amounts, and determine root causes and ownership.

Regulatory Compliance Management

Map and consolidate requirements

Map regulatory requirements to internal taxonomies and business structures. Consolidate requirements into a single repository.

Strategic partnerships with Thomson Reuters, Wolters Kluwer, and Ascent

Automatically ingest content and regulatory alerts in a timely manner with the use of AI from industry leading regulatory intelligence partners.

Rules-based auto processes

Rules-based set up automatically processes incoming regulatory data. Distribute regulatory data to relevant stakeholders and owners.

Policy Management

Full lifecycle management

Manages the full lifecycle of policies and procedures. Simplifies and manages creation, review, approval, attestation and exception management.

Central library of best-practices

Maintains central library of laws, regulations and best practices. Tracks and monitors external regulatory changes for control and audit trails.

Compliance summaries from multiple angles

Users gain a quick summary of regulatory compliance from multiple angles, including functional areas, business units, regions or individual mandates.

IT Governance

Compliance across multiple frameworks

Enables compliance across multiple frameworks, such as the Committee of Sponsoring Organizations, IT Infrastructure Library, and the ISO.

Track IT incidents and root cause analysis

Auto notification and routing of IT-related activities. Tracks IT incidents and enables root cause analysis. Integrates with Network Frontiers UCF.

Third-party interoperability

Provides interoperability with third-party technologies and enterprise infrastructure management applications.

Internal Audit Management

Automate processes and standardize assessments

Automates audit processes and adds new efficiencies and standardization to risk and compliance performance assessments. One-click reporting.

Integrate with all other risk domains

Provides core shared services, open architecture and complete integration with all other risk domains for holistic enterprise-view compliance.

Create and execute audit processes

Supports annual and engagement planning. Facilitates creation and maintenance of audit scope, objectives and automated workpaper execution.

Model Risk Governance

Standardize model taxonomy

Helps ensure greater engagement and transparency in model risk management processes. Promotes standardization of model taxonomy and documentation.

Create comprehensive model inventory

Creates and maintains a comprehensive model inventory. Organizes, documents, and maintains an enterprise-wide record of models and their usages.

Executive dashboards and dynamic views

Models risk assessments, metrics, manages workflows and provides relationship views. Dashboards and dynamic views deliver transparency to management.

Third Party Risk Management

Protect your valuable data

Helps protect private information shared with vendors and prevent misuse of direct access to network resources. Mitigates vendor-related risk.

Simplify third-party management

Cuts complexity of third-party management, measures mitigation effectiveness and streamlines third party risk assessments.

Reduce vendor disruption and negative impacts

Works to decrease disruption and negative effects on compliance, brand or operations stemming from a vendor’s inability to deliver.

Financial Controls Management

Automate testing and compliance processes

Automates testing, reviews, attestation and remediation procedures, while helping ensure that financial compliance obligations are met.

Combine workflows and smart tools

Combines overall document management, powerful workflow capabilities, business intelligence tools and decision support.

Simplify global reporting regulatory compliance

Helps reduce cost and complexity of complying with global financial reporting regulations, automates workflow and provides executive transparency.

Next steps

The GRC environment is increasingly complex and costly. Speak with a GRC solution expert about the features you need.