In addition to providing compliance-related products, ComplianceForge also helps clients meet their specific business needs through direct professional services.
We're often asked for referrals for Subject Matter Experts (SMEs) who can help with unique client needs. Our strategic partners provide professional services, GRC platforms, risk management, and technology solutions to complement ComplianceForge documentation.
These partners have extensive experience implementing, tailoring, and integrating ComplianceForge products.

In addition to providing compliance-related products, ComplianceForge also helps clients meet their specific business needs through direct professional services.

Dark Rock Cybersecurity has extensive experience implementing and tailoring ComplianceForge products. Certified Practitioners, Architects and Assessors with the Secure Controls Framework (SCF).

Steel Root is an IT Managed Services Provider (MSP) specializing in helping US Defense Industrial Base (DIB) companies implement and manage security requirements under DFARS, CMMC, and federal standards.

principia/RAID specializes in comprehensive assessment and readiness services that cover a wide range of cybersecurity and compliance frameworks and industry standards, like CMMC, NIST, SOC 2, ISO, and more
These GRC platforms integrate with the SCF and ComplianceForge documentation to operationalize your compliance program.

Cyturus turns the documentation organizations build with ComplianceForge into a Living Control Set - a single, continuously maintained environment where policies, standards, procedures, evidence, risks, and framework obligations all connect to the controls teams already operate. This makes compliance work reusable, measurable, and easier to keep current as requirements change.
Ignyte is a leader in collaborative security and integrated GRC solutions for global corporations. Used across Healthcare, Defense, and Technology industries. Operationalizes compliance using SCF controls.
SCF Connect is a GRC platform built natively to support the SCF. Designed to integrate with ComplianceForge's SCRP (DSP) and CSOP products. Performs SCF Conformity Assessment Program (CAP) assessments.

SimpleRisk is an GRC platform with deep, native SCF support, deployable on-premise or as a hosted service. SimpleRisk closes the loop from SCF control to actual risk treatment. And because SimpleRisk is open source at its core, teams can start free and scale into commercial support and hosting as they grow.
ZenGRC is a cloud-based GRC/IRM platform that utilizes the SCF. Enterprise-grade solution for compliance and risk management with efficient control tracking, testing, and enforcement.
Technology partners that provide tools for security monitoring, configuration management, and compliance automation.
The CimTrak Integrity Suite is a robust security, compliance, and integrity management tool offering real-time integrity monitoring, assessment, and remediation of critical IT assets. Capabilities include system hardening, configuration management, change management, change prevention, roll-back and remediation, allow-listing, file reputation, STIX/TAXII feeds, and a built-in ticketing system.