BarnOwl is a fully integrated governance, risk, compliance, and audit software solution. BarnOwl provides a holistic and system-driven approach to GRC and assurance. BarnOwl streamlines your processes on a centralised platform, standardises risk and control taxonomies and offers the flexibility and scalability required for a changing business environment. For every industry, no matter the size of the business, BarnOwl is the ultimate integrated GRC software solution.



BarnOwl Risk Management software helps you achieve your strategic objectives and enables a culture of risk planning and control with accountability and ownership throughout your organisation. Continual monitoring of your risk universe gives you comfort and confidence in managing your business.


  • Built-in COSO / ISO31000 methodology with flexible configuration

  • Free web portal for action plans, risk & control self-assessments, key indicator input and surveys

  • Dynamic risk re-assessment with email alerts

  • Incident management for all types of events

  • Extensive built-in reporting and customisable Power BI dashboards

Learn More →


BarnOwl Compliance software allows you to import various acts, legislation, policies and procedures, link these to associated risks and monitor compliance. This facilitates regulatory compliance and director protection.


  • Simple import of compliance content supplied by 3rd party compliance content providers

  • Automatic generation of compliance risk management plans (CRMPs)

  • Automated compliance checklists

  • Logging of compliance issues and monitoring of remedial action plans

  • Extensive compliance reporting and customisable Power BI dashboards

Learn More →


BarnOwl Audit software supports any type of audit methodology including risk and control based auditing in support of best practice standards, ensuring that the key risks in your organisation are audited. BarnOwl facilitates all phases of auditing from planning through to reporting with advanced online and offline execution.


  • Integrated risk and control based auditing

  • Flexible set-up of audit project files

  • System managed working papers

  • Work online or offline

  • Extensive reporting including Microsoft Word integration for final audit reports and customisable Power BI dashboards

Learn More →


GRC Image
BarnOwl is a state of the art, end-to-end, fully integrated, risk, compliance and audit software solution.This facilitates combined assurance and integrated risk & control based auditing.
BarnOwl caters for industry standards and frameworks such as ISO 31000, COSO, GACP, IPPF, King IV and National Treasury.This allows you to embed best practices throughout you organisation.
A central data repository. A centralised database provides one version of the truth with data integrity, and consistency. It ensures that the same information is available to everyone across the organisation and eliminates the sharing of spreadsheets.
Configurable, parameter-driven system.This gives you the flexibility to configure the system to suit your requirements.
Flexible, hierarchical organisational structure.You can define your strategic units and business units, in a multi-level tree structure.
Flexible, hierarchical process structure.You can define your processes and business activities in a multi-level tree structure and apply them to the relevant organisational unit.
Configure user access using basic authentication (user id & password) or single sign on with integration to your Active Directory.Restricts access to the required users. Integration to Active Directory simplifies the sign on process and user maintenance.
Comprehensive user and/or group permissions management to restrict access to functions, and the organisational, process, and template structures.This ensures the segregation of duties and safeguards sensitive data.
Add your own custom fields to BarnOwl entities grouped by form section and sub section and include a tooltip comment.

Custom fields can be either text, numeric or date & time data types and optionally mandatory.

Numeric fields can be assigned colours by threshold.

You can add calculated fields, check boxes, combo boxes, pick lists, document uploads and user selections.

Custom fields can only be visible based on the value of another custom field.

Emails can be sent and action plans created automatically depending on the value entered in a custom field.
This allows you to customise BarnOwl entities (forms) extensively with your own unique data elements.
Create your own registers with their required fields.This lets you add new registers in BarnOwl to track your unique data objects. For examples loss events, incidents, policies, gift registers, tip-offs, etc.
Import your data (e.g. units, processes, users, etc.) from Excel.

You can map your spreadsheet data to BarnOwl entities and fields and run the import templates as often as required.
Simplifies the setup and maintenance of your BarnOwl data when it is stored in Excel or extracted from external systems.
Easy to use, template driven approach with searchable libraries across all modules.Drives a common taxonomy and methodology across risk, compliance and audit.
Full audit trails. Provides a record of all changes by date, time and user.
Built-in email alerts, notifications, reminders and escalations.Provides an early warning system prompting timely and proactive management of tasks such as action plans, re-assessments, voting etc.
Per user licencing for either Risk or Audit with bundled functionality at no additional cost. This includes BarnOwl Compliance, action plans, incident management, key indicators, votes, surveys, questionnaires and workshops.Extensive functionality with a simple and cost effective licensing model.
A free licence for unlimited internal users enables them to update their action plans, complete risk & control self-assessment (RCSA’s), update key indicator values, as well as complete surveys, compliance checklists and questionnaires online.Drives ownership and accountability for all GRC related tasks across the organisation at no additional cost.
Owned, developed, implemented and supported locally by a single provider.Unrivalled support and responsiveness to your requirements.
Tried and tested software with a 20 year track record and over 150 clients.Functionally rich and robust software implemented and supported by a highly qualified and experienced team, guarantees success.

View More →


  • What is GRC (Governance, Risk & Compliance)?

    An integrated GRC solution helps an organisation integrate its governance, enterprise risk management, compliance and assurance (audit) processes. By creating a single, unified approach, an integrated GRC solution can help an organisation optimise its overall business performance. An integrated solution helps a firm protect its reputation, enhance its financial performance, and reduce its risk and the risk of non-compliance. An integrated solution provides an organisation with a coordinated and systematic approach to achieving its objectives whilst protecting and enhancing business value.

    Corporate governance is important because it creates a system of rules and practices that determines how a company operates and how it aligns the interest of all its stakeholders. Good corporate governance leads to ethical business practices and financial viability. In turn, that can attract investors.

    The importance of strong corporate governance and managing risk is increasingly acknowledged. Organisations are under pressure to identify all the business risks they face, social, ethical, and environmental as well as financial and operational, and to explain how they manage them to an acceptable level. The board of directors/accounting officer/s plays a leading role in overall risk oversight and are appointed to:

    • Grow and protect the asset value of an organisation and maximise shareholder and stakeholder value,

    • Add value through a deep understanding of the business and the market in which it operates, including the downside and upside risks that face the organisation,

    • Assist with strategic decision-making based on a good understanding of the business, the market, and the associated risks and trends,

    • Be well informed and aware of the risks (leading and lagging) that may affect the sustainability of the organisation and how well they are being managed,

    • Play an active role in ensuring sound governance and ethical behaviour in order to protect the brand and minimise reputational risk,

    • Ask the complex and sensitive questions of the exco / management to ensure that the ‘real’ risks are uncovered to ensure a balanced view point when making management decisions,

    • Review risk tolerance and appetite across the organisation, ensuring that exco and management are operating within the boundaries and authority vested in them by the various stakeholders.

    Management is responsible for establishing and operating the risk management framework on behalf of the board/accounting officer. GRC brings many benefits as a result of its structured, consistent and coordinated approach. An effective GRC process and system greatly assist an organisation in achieving its objectives by:

    • Improved understanding of the key risks and their wider implications,

    • Identification and sharing of cross business risks,

    • Greater management focus on the issues that really matter,

    • Consolidated reporting of disparate risks at the board level,

    • Fewer surprises or crises,

    • Identification and taking advantage of opportunities,

    • More focus internally on doing the right things in the right way.

    • As the world of data continues to grow exponentially, organisations must streamline their governance processes to be more effective. This includes integrating IT governance into day-to-day operations. Moreover, the CIO and senior management should have visibility over IT operations.

  • What is GRC software?

    High performing entities embrace GRC management tools, shifting their focus to being proactive instead of simply reactive and driven by events. Proactive management of risk will assist in ensuring a meaningful return on resources invested, as well as decrease the amount of time spent on the management of crises. In this way, strategies can be developed that augment and develop the organisation’s opportunities.

    BarnOwl GRC software provides an integrated, holistic, and system-driven approach to GRC and assurance. BarnOwl streamlines your processes, integrates risk, compliance, and assurance information on a centralised platform, standardises risk and control taxonomies, and offers the flexibility and scalability required for a changing business environment.

    In summary, the BarnOwl GRC software:

    • Delivers informed decision making, taking into account all inter-related risk, compliance, and audit factors such as objectives, risks, controls, incidents, linked risks, KRIs, audit findings, and combined assurance,

    • Provides early warning and monitoring of problem areas with trend visualisation,

    • Drives ownership and accountability of risk with action plan visualisation,

    • Provides an integrated view of combined assurance across risk, compliance and audit.

    • Provides in-depth insight into the risks affecting the achievement of your strategic and business objectives,

    • Provides preventative and predictive risk intelligence enabling informed business decision making.

  • Pros and cons


    Allows businesses to:

    • Streamline your GRC assurance process, save time, achieve better results, integrate risk, compliance and audit requirements all in one place

    • Enable combined assurance ensuring that all blind spots are covered whilst at the same time ensuring that business is not overloaded with overlapping assurance related tasks

    • Conform standards across all lines of defence / assurance provider

    • Automate the monitoring of all assurance related activities in a coordinated manner

    • Drive process improvement

    • Protect sensitive data (strategy, strategic risks, opportunities, findings, tip offs, incidents, forensics etc.) in a secure central database with role based permissions

    • Generate combined assurance reports and dashboards effortlessly

    • Transform your GRC data into valuable business insight and foresight facilitating improved business decision making


    Some of the barriers to using GRC software include:

    • Excel is easy to use and provides flexibility for users to capture data in almost any format they wish. No need to conform to a standard methodology, data validation, drop down boxes etc.

    • Conforming standards across various lines of defence and assurance providers (e.g. risk, compliance, audit, combined assurance etc.) is not easily achieved in large-scale organisations and requires change management and compromise

    • Silo mentality rules across divisions and most of us like doing our own thing in our own way. Excel supports this approach perfectly

    • Maintaining standards and clean and up to date library data (processes, risks, controls, audit programmes etc.) in a centralised database is the best approach, however can be onerous and requires time. This is still a lot more effective and easier than trying to consolidate 100s of spreadsheets across the organisation

    • Reports / dashboards generated by the software do not always meet business requirements and require time and effort from business to scope and refine reporting to get the desired results

    • Learning new software requires time and effort

    • Return on Investment (RoI) for any software facilitating support-office functions such as GRC software, is not easily justified until something goes wrong which should have been picked up well in advance

Recommended Reading


The World’s Oldest Businesses – How Do They Do It?

A Brief History of Personal Debt

BarnOwl Info Sharing Insight: Never Mind a National Grid Failure, but What About the Effect of Continued Severe Load Shedding on Organisations with Michael Davies


BarnOwl GRC Summary Presentation

BarnOwl Brochure

BarnOwl Intelligence Datasheet


Risk Management Software | Audit Software | BarnOwl Software

BarnOwl Introduction


Subscribe to BarnOwl's Information Portal

Subscribe to BarnOwl’s information portal today and receive our monthly newsletter with the latest GRC and audit insights, industry updates, priority access to exclusive events, tip of the month and more straight to your inbox!


Registered Address

75 Malibongwe Drive
Linden Ext
South Africa

Postal Address

PO BOX 3009


+27 (0) 11 540 9100


More Information:
Product Support:

Let Us Contact You
Let Us Contact You
I grant BarnOwl permission to contact me for marketing purposes*
*You will receive BarnOwl monthly newsletters & invitations to online events. You can unsubscribe at any time.


If you need assistance with your BarnOwl software, there are three channels available to you:


You will be emailed a ticket number from our issue tracking system and your request will be managed in
this ticket until it is completed.


You can view all your existing tickets or create new ones.


+27 (0) 11 540 9112
to speak to a support consultant

Let Support Contact You
Let Support Contact You