The LogicGate (LG) GRC platform really impressed me. I've been working in the GRC space for 8 years now and have used and reviewed countless tools. We've all groaned at the monolithic Archer and other archaic solutions that feel like old-school waterfall technology models. Refreshing and modern was my feeling after only a few short sessions and demos with the LG team. The Compliance and Audit (C&A) space is one that is often neglected for improvement and scalability. In large organizations, this is often solved with massive C&A teams that are too bloated for their own good and result in redundant inquiries, redundant evidence requests, and far too many audits. This leaves the rest of the business burnt out from overwhelming audit fatigue. In order to solve these problems you have to build a better C&A machine. Once you can build that machine the next step is to get operating efficiently in a platform. Unfortunately, so many of today's GRC "solutions" don't even come close to being flexible or scalable enough, which leaves many companies with exorbitant professional service expenses or a cumbersome in-house development team.
Scalability is gained in this platform due to the graph database. If used correctly, you can build out an organizational structure that not only reflects your business, but also the processes, controls, and services that operate underneath. Couple with a matured "common control framework", audit efficiencies are gained by being able to focus the platform on "test once and solve for many". Companies with complex C&A programs have the most to gain in this space as you can effectively maintain common controls and relevant service integrations to be as nimble as possible during testing. A few updates are easily maintained in LG as the business re-orgs, the C&A program grows, and to reflect joiners/movers/leavers.
Flexibility is gained through their workflow model. Users can self-build workflows which reflect your unique business processes without needing professional services. Please note how incredible this is. I can build my own custom audit lifecycle that reflects how my company does testing, our sampling strategy, and how we make determinations on control operating effectiveness. As that changes, I can quickly adjust the workflow. As teams come and go and business processes mature, you can continue to create new workflows, decommission existing ones, and build complex interdependencies between them in an "object oriented" fashion. To a large degree, the sky is the limit in this space.
Frankly I have yet to see any GRC solution that competes with these C&A competencies that LG offers.
Finally, the entire staff that I've worked with have been rock stars. Review collected by and hosted on G2.com.