Optro launches AI-powered GRC capabilities for the modern enterprise

Optro, a leading AI-powered GRC platform empowering enterprises to transform risk into opportunity, has announced several product capabilities to boost the effectiveness of customers’ risk management programs and enable them to innovate with AI confidently and responsibly. These capabilities follow shortly after the company changed its name to reflect what its AI-powered GRC platform enables: a single, coherent view across infosec, compliance, risk, and audit.

“Cyber risk now moves at machine speed, and legacy GRC tools can no longer keep up,” said Happy Wang, Chief Product and Technology Officer at Optro. “By leveraging AI to predict cyber risk, surface real-time insights, and accelerate mitigation, we help organizations shift from reactive reporting to proactive risk defense—building a true system of action that is ready for the AI era.”

Optro’s latest Risk Intelligence report found that AI governance program maturity is advancing, but unevenly. AI adoption continues to outpace AI governance, with 85 percent of organizations reporting they have integrated AI into their core operations or deployed it across multiple functions, while only a quarter report comprehensive visibility into employee AI use. At the same time, only 34 percent of organizations report their AI governance program is strategic and continuously improving. As these challenges become increasingly prevalent across industries, Optro has released the following product capabilities to help customers turn clarity into action:

At the core of the announcement is a unified governance layer designed to act as an AI orchestration framework across policies, technology stacks, and human oversight. The capability enables organisations to standardise governance practices, improve visibility into AI-related risks, and enforce governance policies consistently across the enterprise.

Vulnerability Risk Monitoring, one of the updates, provides a clear narrative of how a specific vulnerability affects an organisation’s security posture and bottom line. This AI-powered functionality enables organisations to understand the true business impact of a vulnerability. Included with IT and Cyber Risk Management (formerly IT Risk Management), it represents a shift in how organisations defend their digital perimeter.

Continuous control monitoring, another of the updates, includes AI-driven recommendations for controls best suited for automation, along with a library of ready-to-use monitoring templates, enabling teams to bypass manual setup and begin monitoring controls immediately. This capability helps organisations reduce manual effort, improve consistency, and gain more timely visibility into control performance. By automating evidence collection and surfacing potential issues earlier, teams can address gaps more efficiently and move towards a more continuous approach to assurance.