Governance, Risk and Compliance (GRC)


Corporate Governance refers to responsible leadership for the benefit of the people associated with the business, and the various external interest groups. Ensuring that organizational activities, like managing IT operations, support the organization’s business goals.

Risk in the IT context means having a comprehensive IT risk management process that rolls into an organization’s enterprise risk management function. Making sure that any risk (or opportunity) associated with organizational activities is identified and addressed in a way that supports the organization’s business goals.

Compliance, or corporate compliance, is the set of processes and procedures that a company has in place in order to make certain that the company and its employees are conducting business in a legal and ethical manner.