Diligent logo


Diligent Solutions for the Public Sector

Diligent One GRC Platform Primer

Key Federal Use Cases

The Diligent One Platform1 is a FedRAMP moderate and DOD IL5 authorized GRC SaaS platform operating on the Amazon GovCloud that extracts data from enterprise systems and integrates it into internal controls, enterprise risk, continuous monitoring, audit, and IT compliance & risk management functions in a unified environment.

  • Key Differentiators
    • In December 2023, Forrester Research recognized Diligent as a leader in GRC software with the highest overall rating for current solutions in its GRC Wave report.
    • Unlike customizable solutions, Diligent can be used out of the box and time to value is much quicker than other products. Configurations typically take 3-6 months to implement.
    • ACL Analytics powers the platform. ACL has grown into a data extraction and integration tool incorporating AI and robots that can connect with any API or legacy system.
    • All federal standards and regulations are available out of the box and enabled with automation toolkits.
    • Total cost of ownership is significantly less than customizable products because the configurable, purpose-built, no-code platform requires no third-party customization or programming support to make changes and updates over time.
    • Consolidating use cases on one platform reduces security risks and costs associated with maintaining and training staff on multiple platforms.
  • Solutions for the CFO and CRO
    • Automate Internal Controls Programs by digitizing the OMB A-123 framework, specifying controls objectives, linking to control activities, and automating testing procedures with enterprise data. Visualize results at any level to reduce risks and improve auditability. Use one click reporting for cycle memos and statements of assurance.
    • Strengthen Enterprise Risk Management programs with real-time risk assessments and monitoring with advanced, AI-powered analytics to continuously curate and report key information to decision makers through dashboards. Use one click reporting for periodic reports.
    • Continuously Monitor any Key Performance or Key Risk Indicator by extracting data from directly from its source, including legacy systems, automatically clean it, analyze it, visualize red flags and exceptions, and then trigger actions to remediate risks. Automating the monitoring of potential improper or fraudulent payments and user access for IT systems are some of the typical ways that customers use this solution.
    • Track External Audits and Remediate Findings by efficiently responding to multiple external audits by managing PBC request and consolidating overlapping requests for data and information during the audit. Integrate results of Notice of Findings and Recommendations into internal control activities and the agency’s risk management framework, establish projects to complete corrective actions and visualize progress towards completing CAPs. Leverage efforts from one corrective action plan to others to reduce the time it takes to close open recommendations
    • Reduce Audit Reporting Timelines and Improve Quality by automating the entire audit process. This includes annual planning, data and document requests, testing of data and controls, identification of findings, indexing and referencing of draft reports, compiling reports with the click of a button. Fully compliant with all standards, and this solution can also be used for inspections and evaluations.
  • Solutions for the CIO and CISO
    • Minimize IT Security Risks by building a comprehensive view of cyber and other IT risks. Prevent costly data breaches and ransomware attacks, build digital resilience to system failures, and provide confidence in your IT security programs. Get actionable insights on your cyber and IT risk landscape, including third-parties, to help swiftly prevent and mitigate risk and exposure across your IT infrastructure. Track and manage POAMs to.
    • Improve IT Compliance with laws & regulations by centralizing and automating IT compliance functions into a single system. Leverage a common controls framework to manage and monitor compliance for multiple standards, security certifications, guidelines, frameworks, and regulations. Improve the timeliness of the ATO process and automate the creation and update of key documents such as an SSP or SAR.