RiskLedger

RiskLedger is a web app (with optional mobile companion) for small and mid-sized companies that need lightweight, auditable risk management without buying a heavyweight GRC suite. It turns day-to-day risk decisions into an evidence trail: each risk has an owner, controls, incidents, and linked proof (tickets, policies, screenshots, vendor docs). An AI assistant helps draft risk statements, map controls to common frameworks (SOC 2, ISO 27001), and summarize changes since last review, but it never “auto-approves” anything. The product focuses on making reviews fast: weekly risk inbox, overdue control reminders, and a simple “what changed” report for leadership and auditors. It integrates with the tools teams already use (Jira, GitHub, Google Drive) so evidence collection is mostly automatic. Pricing is per company with tiered seats, aiming to be affordable for teams that are too small for enterprise GRC but too exposed to wing it.