What is GRC

GRC stands for Governance, Risk and Compliance, although some organizations may use the acronym to stand for “Governance, Risk and Control.”

It is a strategy for managing an organization’s overall governance, enterprise risk management and compliance with regulations. The capabilities of GRC are often spread over different departments: internal audit, compliance, risk, legal, finance, IT and HR, as well as the lines of business, the executive suite and the board. However, it broadly covers these three areas:

  • Governance: Ensuring that organizational activities support the organization’s business goals.
  • Risk: Identifying, classifying and addressing any risk associated with organizational activities.
  • Compliance: Ensuring that an organization complies with all legal and regulatory requirements.

Published by Micky Wong

IUWorld site administrator
