MetricStream is simplifying Governance, Risk, and Compliance (GRC) for modern and digital enterprises.

Our market-leading enterprise and cloud Apps for GRC enable organizations to strengthen risk management, regulatory compliance, vendor governance, and quality management while driving business performance.

The MetricStream GRC Journey methodology integrates GRC technologies and programs across business, IT, and security functions as we enable organizations to realize the vision of Pervasive GRC.

Rich content from and thriving communities like, as well as MetricStream Special Interest Groups (mSIGs) support the ongoing success of our customers through real-time content feeds and best practices embedded in our Apps.

Leading companies across industry verticals are benefiting from MetricStream’s simple and modular approach to GRC that is transforming risk management in a business environment that is increasingly mobile, social, global, and virtual.

We have been consistently rated as a market leader by leading analysts, and have received several awards and recognitions for product innovation and customer success. MetricStream is headquartered in Palo Alto, California, and has offices across the globe.

Products and services

Our extensive range of GRC Apps enable you to manage your risks, compliance, and governance activities in a holistic, consistent, and efficient manner.

The Apps extend across the enterprise, streamlining GRC processes, and integrating risk and compliance intelligence from multiple sources to guide strategic decisions. With support for mobility, real-time reporting, advanced risk analytics, regulatory notifications, and social media monitoring, our Apps are designed to help you thrive in today’s complex, global enterprises.

MetricStream's industry leading apps that drive performance include:

  • Enterprise Risk Management
  • Operational Risk Management
  • Internal Audit Management
  • SOX Compliance Management
  • Compliance Management
  • Policy and Document Management
  • Regulatory Change Management
  • Incident Management
  • Case Management
  • Business Continuity Management
  • IT Risk Management
  • IT Compliance Management
  • Threat and Vulnerability Management
  • Vendor Risk Management
  • Third-Party Management
  • Supplier Quality Audit Management
  • Regulatory Engagement Management
  • NCM and CAPA Management
  • Operational Audit Management
  • Product Compliance Management
  • Issue Management
  • Survey Management

Articles about MetricStream

You need to sign in to use this feature. If you don’t have a RiskTech Forum account, please register for a trial.

Sign in
You are currently on corporate access.

To use this feature you will need an individual account. If you have one already please sign in.

Sign in.

Alternatively you can request an individual account here: