features.matrix

Pulsar GRC Platform Features

A complete GRC system with over 20 modules that connects regulatory requirements to daily operations.

Compliance & Standards

The compliance graph as the platform core

A formal graph from regulatory requirement to control to evidence to owner with full change history, version comparison, and point-in-time state reconstruction.

Compliance graph

The platform core is a formal graph: requirement to control to evidence. The coverage dashboard updates automatically: requirements without controls, controls without evidence — visible at a glance.

PL/EU regulatory pack library

Ready-made operational packs: GDPR, NIS2, DORA, AI Act, Data Act, whistleblowing PL. Each includes controls, owners, frequencies, and required evidence.

Automatic impact analysis

When a new version of NIS2 or DORA is released, Pulsar automatically calculates which controls, mappings, and CAPA need updating. Pipeline: update -> impact -> tasks -> evidence -> report.

Full evidence lifecycle

Evidence as core process objects: metadata, owner, SHA-256 fingerprint, provenance, immutable versioning. Expiration dates with reminders and a validation checklist.

On-demand evidence packs

One button generates a complete package for the auditor: events, evidence, approvals, timeline — in a single archive with a deterministic SHA-256 manifest.

Document management

Repository with versioning, workflow from draft to review to approved to obsolete. Read acknowledgments with escalation. Access matrix by role and location.

Audits & CAPA

Full audit cycle and non-conformity closure

From audit planning through findings to CAPA with effectiveness verification — one flow without switching tools.

Full audit cycle

Planning with calendar, scope, and auditors. Automated checklists from requirement/control mappings. Findings register with severity, evidence, and owner. PDF/CSV reports.

External auditor portal

Restricted access with expiration — the auditor sees only designated packages and exports. Zero risk of browsing the full system. Comment and action log.

One-click finding to CAPA

Create a CAPA from an audit finding with one click. Bidirectional link: finding-CAPA-risk-control-evidence — nothing gets lost in emails.

CAPA board with escalation

CAPA board with deadlines and reminders. Deadline breach triggers automatic escalation. Closure requires effectiveness verification and linked evidence.

5-Why analysis

Structured root cause analysis with cause categorization. No CAPA moves to execution without a completed root cause.

Risk, Training & Readiness

Proactive risk management and competency development

Risk matrix, AI-assisted training, incident management, and TTX exercises in one platform.

Risk register with 5x5 matrix

Inherent/residual risk with appetite threshold. Risk-control-evidence coverage dashboard. Mitigation tasks with execution evidence.

Training module with AI

Program catalog with role-based assignments. AI content generator based on document changes. Test engine with pass thresholds. Training evidence pack.

Incident management

Full process: classification to post-incident analysis with roles (coordinator, owner, reviewer). Deterministic state machine. One-click incident evidence package.

TTX Workshops

Scenarios, roles, and injection events as process objects. TTX findings automatically flow into CAPA with a lessons-learned pack.

Vendor & ICT supply chain

Supplier register with criticality and required evidence. Criticality change triggers automatic requirement updates. Dedicated DORA and NIS2 packs.

AI & Automation

AI-native with full governance

AI Governance as a native platform module, enterprise connectors, and deterministic workflows — all ready for EU AI Act.

AI Governance (AIMS)

AI use-case registry with owner, purpose, and acceptance status. Operational policies with mandatory approval for high-risk. AI risk assessment per use case. AI competency tracking.

External system integrations

Ready-made evidence-focused connectors for M365, Google Workspace, Jira, ServiceNow. Safe automatic retry, per-organization credential vault with key rotation.

Deterministic workflows

CAPA, audits, and incidents run on explicit state machines. Invalid transitions return a controlled error with a reason. No object changes status silently.

Standalone mode

Pulsar works independently with no external system dependencies. Ecosystem integrations add value, but the core operates fully on its own.

mission.launch

Start trial and evaluate the process on your own operational data

Start Trial See how it works

What happens after you click?

  • You get a 14-day trial with full Professional process scope
  • You map your own requirements and immediately see impact on risks, audits, and CAPA
  • You choose a plan based on real team execution, not assumptions

Need an operational consultation? Email us: kontakt@pulsar-grc.pl