Play with a mock risk heat map, toggle mock controls, and ask ChatGRC about a sample organization’s posture — entirely in your browser, with sample data only.
Sample data — not a real organization. Every risk and control below is fictional and for illustration only. Nothing here is saved, and no account is required.
Sign up to connect your ownPick a sample risk, set Likelihood x Impact, then toggle mock mitigating controls to see residual risk recompute — same likelihood x impact and mitigation-factor math as the real product (src/lib/risk/scoring.ts and src/lib/risk/autoscore.ts).
Unauthorized access to a fictional customer database.
| Impact 5 | 5 | 10 | 15 | 20 | 25 |
|---|---|---|---|---|---|
| 4 | 4 | 8 | 12 | 16 | 20 |
| 3 | 3 | 6 | 9 | 12 | 15 |
| 2 | 2 | 4 | 6 | 8 | 10 |
| 1 | 1 | 2 | 3 | 4 | 5 |
| Likelihood 1 | 2 | 3 | 4 | 5 |
Mock mitigating controls for this risk
Inherent score
20
CRITICALResidual score
4
LOWReduced from likelihood 4/impact 5 to 2/2 (mitigation factor 60%).
Flip these mock controls on/off. The readiness percentage below is a simple, illustrative calculation — nottied to any real framework’s actual control count or weighting.
2 of 4 sample controls ON — a toy ratio for demonstration only, not a scored framework assessment.
Ask ChatGRC about this mock organization's posture (e.g. "what controls mitigate a data breach risk?"). It answers from general framework/glossary content only.
This is the same public demo assistant at /assistant/demo— it has no access to this sandbox’s mock data (or any real tenant’s data), only general public framework and glossary content.
Ask a general compliance question. This demo only knows public framework and glossary content — for example:
The real product computes these same scores from your actual risks, controls, and evidence — not sample values.