GRC - Governance, Risk, and Compliance
Governance, Risk and Compliance, or GRC for short, refers to a company's coordinated strategy for managing the broad issues of corporate governance, enterprise risk management (ERM) and corporate compliance with regard to regulatory requirements.
Specifically, the three pillars of GRC are:
- Governance – The effective, ethical management of a company by its executives and managerial levels.
- Risk – The ability to effectively and cost-efficiently mitigate risks that can hinder an organization's operations or ability to remain competitive in its market.
- Compliance – A company's conformance with regulatory requirements for business operations, data retention and other business practices
Defining Governance, Risk and Compliance
While many experts and GRC vendors disagree on a standard definition for Governance, Risk and Compliance, the Open Compliance and Ethics Group (OCEG) has published one of the most comprehensive GRC definitions. In its GRC Capability Model, Red Book, 2.0, the OCEG defines GRC as a "system of people, processes, and technology that enables an organization to:
GRC Solutions and Services
GRC business policies, software solutions and services enable companies to implement, manage monitor and measure the effectiveness of their Governance, Risk and Compliance strategies. GRC strategies rely on clearly defined, objective measurables for providing companies with insight into the overall effectiveness in each area of governance, risk and compliance.
Because GRC strategies span the entire organization, these tools and policies require management and coordination across numerous departments in an enterprise, including IT, management, security, compliance and auditing.
Stay up to date on the latest developments in Internet terminology with a free weekly newsletter from Webopedia. Join to subscribe now.
Like everything in technology, AI touches on so many other trends, like self-driving cars and automation, and Big Data and the Internet of Things... Read More »DevOp's Role in Application Security
As organizations rush to release new applications, security appears to be getting short shrift. DevSecOps is a new approach that holds promise. Read More »Slideshow: Easy Editorial SEO Tips to Boost Traffic
This slideshow reviews five easy on-page editorial SEO tips to help drive organic search engine traffic, including the page title, heading,... Read More »
Java is a high-level programming language. This guide describes the basics of Java, providing an overview of syntax, variables, data types and... Read More »Java Basics, Part 2
This second Study Guide describes the basics of Java, providing an overview of operators, modifiers and control Structures. Read More »The 7 Layers of the OSI Model
The Open System Interconnection (OSI) model defines a networking framework to implement protocols in seven layers. Use this handy guide to compare... Read More »