Governance, Risk and Compliance Tool

Overview

Cybersecurity & Data Privacy

Johnson City, Texas, United StatesPosted about 2 months agoDeadline: April 8th, 2026

Fit Score

Settle Intelligence

Settle helps teams find, evaluate, and respond to public RFPs. We continuously surface new opportunities, score them against your company strengths, and draft proposal responses so you can focus on the work that wins business.

SUMMARY

The agency requires a comprehensive GRC tool to streamline compliance activities, documentation, asset management, and security workflows for a one-year contract in Texas.

KEY REQUIREMENTS

BUDGET

Estimate

$750,000 – $2,500,000

CONTRACT DURATION

36 months

TIMELINE

Open Date: March 20, 2026

Questions Due Date: March 27, 2026

Post Answers to Public Notice, estimated date: April 2, 2026

Submissions Due Date: April 8, 2026

QUESTION DEADLINE

March 27th, 2026

Issuing Agency

Pedernales Electric Cooperative, Inc.

Organization overview and procurement intelligence available on paid plans.

See Issuer Research

DESCRIPTION

The agency seeks a governance, risk, and compliance (GRC) tool to support comprehensive compliance activities and ensure audit readiness. The solution must accommodate the loading of full requirements and compliance narratives for all relevant standards, including Reliability Standard Audit Worksheets (RSAWs) and details on internal controls. The tool should enable role-based assignments for Subject Matter Experts (SMEs) and support document-based security features.

A robust workflow is required for collaboration, reviews, and approvals among multiple users, along with the ability to tag and link evidence and documentation across various standards using single evidence files. The system should provide flexible notifications, reminders, and escalations for both recurring and event-driven tasks. It must assist with asset data management, including tracking and documenting asset change activities and integrating systems security management, such as port and service management, patch evaluation, malicious code prevention, and security event monitoring.

The solution should support configurable internal workflows for spot checks, compliance assessments, self-certifications, and implementing new standards. The initial contract for this solution will be for one year, with all vendor questions due by March 27, 2026.

Source attribution

This Settle analysis is based on the issuing organization’s public RFP listing.