Start Here

Follow the documentation from top to down, DONT MISS a step and you will learn all there is to GRC and eramba.

Step One - Install & Configuration (30-40 Minutes)

Install from source or use our pre-installed VM and then understand basic access management features.

Install from Source Code

Download our code and install the application on your Linux system using the source code.

Pre-Installed Virtual Machine

If you are not interested in installing eramba you can use our pre-installed VMs

Configuration & Access Management

Understand how accounts, groups, access, visualisations, portals, email, ldap, Etc operate.

Step Two - Learn the Basics (40-60 Minutes)

These guides cover basic features and concepts used across the system, is really important you get familiarised with them before you start using eramba. Follow the arrows to make sure you cover the entire curricula.


Core feature to query GRC data and export it as exports.


Automate email notifications, reports, reminders and more.


Keep track of changes (and restore anytime) on every control, risk or object.


Add,Update,Delete and List items (Risks, Controls, Etc) using Rest APIs.

CSV Imports

Import controls, policies and more using preformated CSV files.


Customize forms to your needs by adding additional fields.

Step Three - Core Functionalities (5-6 Hours)

Follow every step of the guide to ensure you learn how eramba works! These guides are critical to understand how eramba works at its very core, dont miss any guide if you want to understand how eramba is used.

Basic GRC Relationships

Understand the basic relationships in between controls, risks, compliance, Etc.

Policy Management

Document your policies, ensure they get review, publish them on a single portal, Etc.

Controls & Audits

Register your internal controls, their audits / testing, collect evidence, understand where they are used, Etc.

Exception Management

Keep record of every approval you give away and trigger notifications when they expire.

Data Flow Analysis

Document each data flow, their controls, policies and people involved. Understand where your data is nad how is protected.

Risk Management

Simplify Risk Management and its reviews to ensure it brings real value to your organisation.

Compliance Management

Upload any standard or regulation in CSV format and demonstrate how compliant your organisation is.

Incident Management

Record and manage incidents systematically and link them to affected risks, assets, controls, Etc.

Standalone Features (2 to 3 Hs)

Additional tools brought in to facilitate the work of a Security professional.

Security Awareness

Create multiple, Active Directory related awareness trainings with videos, multiple choices and more.

Vendor Assessments

Upload your questions and send them out so your suppliers can log in remotely and provide feedback.

Automated Account Reviews

Automate the process of reviewing user and roles accounts.


These documents will help you understand how eramba works in certain use cases

ISO 27001 Guide

Quick introduction on how eramba can help you with the popular ISO standard


Discover how eramba helps with PCI-DSS

Controls & Policies Templates

Ready to import controls and polices for Compliance Management.

Sarbanes Oxley Guide

Large companies subject to SOX have successfully used eramba to mantain their compliance requirements, learn how.