In my research I haven’t come across the prior art you suggest exists. The trust centers you linked aren’t fungible with what I’m building with GraphGRC. The idea is to make all your security docs just a GitHub repo with structured markdown that permits useful automation (e.g. generating linked internal site, validating all docs have been “reviewed” annually by checking metadata, change control via PR, etc.)

There are plenty of GRC products out there and are popular for good reasons, but I don’t think any of them are Git/Markdown/developer-first.