Site Overlay

What is GRC?

Governance, risk management, and compliance

Governance, risk management, and compliance (GRC) is the term that encompasses an organization's approach in these three practices: governance, risk management, and compliance.  [1][2][3] The first scientific research on the GRC was published in 2007,[4] where the GRC was formally defined as "the integrated collection of talent that enables an organization to reliably achieve goals, address uncertainty, and act with integrity." In the research, the joint "keeping the company on track" activities carried out in departments such as internal audit, compliance, risk, legal, finance, IT, HR were referred to, as well as the lines of business, the executive suite and the board itself.

Governance, risk management and compliance – Wikipedia (wikipedia.org)