gorico

JSON twin: https://www.healthaidb.com/software/gorico.json

Company Name

Accorian

Product URL

https://www.gorico.io/

Company URL

https://www.accorian.com/

Categories

• compliance-certification
• compliance-infrastructure
• governance-risk-compliance
• security
• audit-management

Summary

GoRICO is a cloud-native Governance, Risk, and Compliance (GRC) platform that automates evidence collection, tracks security posture, and provides a collaborative workspace for auditors and stakeholders.

Description

GoRICO (by Accorian) is a customizable GRC solution for cloud, hybrid, and on‑premises environments that centralizes compliance frameworks, automates evidence collection (integrated and manual), cross‑maps controls across frameworks, provides posture and compliance scoring, and supports auditor collaboration and continuous, audit‑ready reporting.

Api Available

unknown

Certifications

• SOC 2

Company Founding

2019

Company Offices

• United States
• Canada
• India

Compliance

• SOC 2
• HIPAA
• ISO (general ISO frameworks)
• HITRUST
• CMMC

Customers

• Fintech Firm
• Sports Hospital
• NJ Based Healthtech Firm
• Hospital / Health System
• Ambulatory Practice
• Digital Health Provider

Data Residency

Data Standards

Deployment Model

• SaaS

Features

• Audit console (centralized audit documentation & sharing)
• Continuous compliance sustenance and monitoring
• Automated evidence collection from connected tools
• Gap assessment and remediation tracking
• Vendor assessment and vendor risk profiling
• Customizable questionnaires
• Task and workflow management (auto-delegation)
• Evidence library and versioned evidence storage
• Notifications and alerts
• Reporting and audit trails
• Role-based stakeholder & owner assignment
• Screenshot utility for manual evidence capture
• Integrations catalog for automated evidence fetching
• Collaboration with auditors (secure sharing)

Id

P0663

Integration Partners

• Google Cloud
• Bitdefender
• BambooHR
• GitHub
• AWS
• KnowBe4
• Sophos
• GSuite
• Microsoft Entra ID
• Jira
• Microsoft Azure
• Okta
• JumpCloud

Integrations

• BambooHR
• Sophos
• GitHub
• Okta
• Microsoft Azure / Microsoft Entra ID
• Jira
• JumpCloud
• Bitdefender
• KnowBe4
• AWS (S3, CloudTrail, CloudWatch, RDS, Redshift, GuardDuty, IAM, KMS, WAF, Shield, Security Hub, SQS, DynamoDB, Glue, Backup, Redis)
• Google Cloud / GSuite
• Confluence
• Microsoft Intune
• Slack
• Pivotal Tracker

Languages Supported

Last Updated

2025-09-07

License

proprietary (commercial)

Links

• https://www.gorico.io/
• https://www.gorico.io/modules
• https://www.gorico.io/integrations
• https://www.gorico.io/soc-2
• https://www.accorian.com/gorico/
• https://www.accorian.com/
• https://elion.health/products/gorico
• https://aws.amazon.com/marketplace/pp/prodview-d6rtainenq3c6
• https://dashboard.gorico.io/privacy-policy
• https://www.linkedin.com/company/accorian/

Market Segment

• enterprise
• smb

Optional Modules

• Audit Console
• Compliance Sustenance & Monitoring
• Gap Assessment
• Vendor Assessment

Os Platforms

• Web
• Chrome extension
• Firefox extension

Pricing Details

contact vendor for licensing tiers, custom quotes, and implementation services

Pricing Model

enterprise_quote

Privacy Features

Ratings

Regions Available

• United States
• Canada
• India
• Global

Release Year

2019

Security Features

• Encryption (in transit & at rest)
• Role-based access control (RBAC)
• SSO (SAML/OAuth via Okta/Azure/Entra)
• Audit logs / trails
• 2FA/MFA

Specialties

• governance, risk, and compliance (GRC)
• audit management
• evidence collection & automation
• security posture scoring
• third‑party risk management
• policy and procedure management
• framework cross‑mapping (SOC2, ISO, NIST, HIPAA mappings implied)

Support Channels

• contact_form
• email

System Requirements

Target Users

• security teams
• compliance officers
• internal auditors
• IT administrators
• CISO / vCISO
• risk managers
• devops / engineering teams
• external auditors
• enterprise IT leaders

Training Options

• documentation
• assisted_onboarding
• live_online

Type

product

User Reviews

Version

1.0

Canonical JSON

{
  "company_name": "Accorian",
  "company_url": "https://www.accorian.com/",
  "company_offices": [
    "United States",
    "Canada",
    "India"
  ],
  "company_founding": "2019",
  "product_url": "https://www.gorico.io/",
  "categories": [
    "compliance-certification",
    "compliance-infrastructure",
    "governance-risk-compliance",
    "security",
    "audit-management"
  ],
  "market_segment": [
    "enterprise",
    "smb"
  ],
  "links": [
    "https://www.gorico.io/",
    "https://www.gorico.io/modules",
    "https://www.gorico.io/integrations",
    "https://www.gorico.io/soc-2",
    "https://www.accorian.com/gorico/",
    "https://www.accorian.com/",
    "https://elion.health/products/gorico",
    "https://aws.amazon.com/marketplace/pp/prodview-d6rtainenq3c6",
    "https://dashboard.gorico.io/privacy-policy",
    "https://www.linkedin.com/company/accorian/"
  ],
  "summary": "GoRICO is a cloud-native Governance, Risk, and Compliance (GRC) platform that automates evidence collection, tracks security posture, and provides a collaborative workspace for auditors and stakeholders.",
  "description": "GoRICO (by Accorian) is a customizable GRC solution for cloud, hybrid, and on‑premises environments that centralizes compliance frameworks, automates evidence collection (integrated and manual), cross‑maps controls across frameworks, provides posture and compliance scoring, and supports auditor collaboration and continuous, audit‑ready reporting.",
  "target_users": [
    "security teams",
    "compliance officers",
    "internal auditors",
    "IT administrators",
    "CISO / vCISO",
    "risk managers",
    "devops / engineering teams",
    "external auditors",
    "enterprise IT leaders"
  ],
  "specialties": [
    "governance, risk, and compliance (GRC)",
    "audit management",
    "evidence collection & automation",
    "security posture scoring",
    "third‑party risk management",
    "policy and procedure management",
    "framework cross‑mapping (SOC2, ISO, NIST, HIPAA mappings implied)"
  ],
  "regions_available": [
    "United States",
    "Canada",
    "India",
    "Global"
  ],
  "languages_supported": [
    ""
  ],
  "pricing_model": "enterprise_quote",
  "pricing_details": "contact vendor for licensing tiers, custom quotes, and implementation services",
  "license": "proprietary (commercial)",
  "deployment_model": [
    "SaaS"
  ],
  "os_platforms": [
    "Web",
    "Chrome extension",
    "Firefox extension"
  ],
  "features": [
    "Audit console (centralized audit documentation & sharing)",
    "Continuous compliance sustenance and monitoring",
    "Automated evidence collection from connected tools",
    "Gap assessment and remediation tracking",
    "Vendor assessment and vendor risk profiling",
    "Customizable questionnaires",
    "Task and workflow management (auto-delegation)",
    "Evidence library and versioned evidence storage",
    "Notifications and alerts",
    "Reporting and audit trails",
    "Role-based stakeholder & owner assignment",
    "Screenshot utility for manual evidence capture",
    "Integrations catalog for automated evidence fetching",
    "Collaboration with auditors (secure sharing)"
  ],
  "optional_modules": [
    "Audit Console",
    "Compliance Sustenance & Monitoring",
    "Gap Assessment",
    "Vendor Assessment"
  ],
  "integrations": [
    "BambooHR",
    "Sophos",
    "GitHub",
    "Okta",
    "Microsoft Azure / Microsoft Entra ID",
    "Jira",
    "JumpCloud",
    "Bitdefender",
    "KnowBe4",
    "AWS (S3, CloudTrail, CloudWatch, RDS, Redshift, GuardDuty, IAM, KMS, WAF, Shield, Security Hub, SQS, DynamoDB, Glue, Backup, Redis)",
    "Google Cloud / GSuite",
    "Confluence",
    "Microsoft Intune",
    "Slack",
    "Pivotal Tracker"
  ],
  "data_standards": [],
  "api_available": "unknown",
  "system_requirements": "",
  "compliance": [
    "SOC 2",
    "HIPAA",
    "ISO (general ISO frameworks)",
    "HITRUST",
    "CMMC"
  ],
  "certifications": [
    "SOC 2"
  ],
  "security_features": [
    "Encryption (in transit & at rest)",
    "Role-based access control (RBAC)",
    "SSO (SAML/OAuth via Okta/Azure/Entra)",
    "Audit logs / trails",
    "2FA/MFA"
  ],
  "privacy_features": [],
  "data_residency": "",
  "customers": [
    "Fintech Firm",
    "Sports Hospital",
    "NJ Based Healthtech Firm",
    "Hospital / Health System",
    "Ambulatory Practice",
    "Digital Health Provider"
  ],
  "user_reviews": [],
  "ratings": [],
  "support_channels": [
    "contact_form",
    "email"
  ],
  "training_options": [
    "documentation",
    "assisted_onboarding",
    "live_online"
  ],
  "release_year": "2019",
  "integration_partners": [
    "Google Cloud",
    "Bitdefender",
    "BambooHR",
    "GitHub",
    "AWS",
    "KnowBe4",
    "Sophos",
    "GSuite",
    "Microsoft Entra ID",
    "Jira",
    "Microsoft Azure",
    "Okta",
    "JumpCloud"
  ],
  "id": "P0663",
  "slug": "gorico",
  "type": "product",
  "version": "1.0",
  "last_updated": "2025-09-07",
  "links_json": {
    "self": "https://www.healthaidb.com/software/gorico.json"
  }
}