CapGRC
CapGRC
Back to platform
Roadmap

What we're building for you

The CapGRC roadmap is driven by the real needs of our clients. Have a suggestion? Share it — the next features are the ones you request most.

Suggest a feature
9Delivered features
6In development
9Planned or in vision
DeliveredIn progressPlannedVision

Delivered — 2024–2025

9 itemsDelivered

Risk Management module

Register, risk matrix, treatment plans

Regulatory Compliance module

Law 25, ISO 27001, PCI-DSS, GDPR, NIS2, DORA

Internal Audits module

Planning, work programs, reports

Project Security module

Law 25 DPIA, project risk assessment

Third-party Risks module

Vendor inventory, automated questionnaires

GRC Programs module

Strategic dashboards, maturity indicators

SSO / SAML

Azure AD, Okta, Google Workspace

Microsoft Teams & Slack integrations

Alert and deadline notifications

REST API v1

Programmatic access to GRC data

Q2–Q3 2026 — In development

6 itemsIn progress

Artificial intelligence — Risk analysis

Automatic rating and treatment suggestions based on organizational context

Enhanced executive dashboard

Advanced visualizations for the C-suite and board, with PowerPoint export

Policy management

Publishing, versioning and acknowledgment tracking of security policies

Jira integration (GA)

Exit from beta — general availability

Security Incidents module

Cyber incident management, Law 25 incident register, CPVP/CAI notification

SOC 2 Type II certification

Audit finalization and report publication

Q4 2026 — Planned

5 itemsPlanned

AI — GRC assistant

Contextual chatbot to guide users through assessments and compliance procedures

Vendor portal

Dedicated space for vendors to respond to questionnaires directly in CapGRC

ServiceNow & Asana integrations

Bidirectional synchronization of risks and action plans

Mobile app

View and update risks and action plans from iOS and Android

ISO 27001 certification

Launch of ISO 27001 certification program for CapGRC

2027 and beyond — Vision

4 itemsVision

AI — Predictive risk detection

Proactive identification of emerging risks based on sector and organizational data

GRC as a Service (GRCaaS)

Managed offering for organizations without internal GRC resources

Framework marketplace

Community library of frameworks and templates contributed by users

ESG module

Extension of the GRC program to environmental, social and governance criteria

💡

A feature missing from this roadmap?

Submit your suggestion — our product team reads all requests and incorporates them into quarterly planning.

Submit a suggestion