Large organizations struggle with complex burden of IT policies and controls that can directly affect corporate risk. Leading companies that are most clearly identified as IT GRC include Agiliance, Modulo, RSA Archer, Rsam and Symantec. The GRC market is broadly divided into enterprise and IT products, though there is considerable overlap and the distinction is far from clear. Mature companies have some sort of enterprisewide and, in some cases, centralized GRC programs, but are hamstrung by manual, redundant processes.”]
Source: https://www.csoonline.com/article/2127514/it-grc-tools–control-your-environment.html