EN, Search Security Resources and Information from TechTarget

What is governance, risk and compliance (GRC)?

<p>Governance, risk and compliance (GRC) refers to an organization’s strategy, or framework, for handling the interdependencies of the following three components:</p>
<div class=”ad-wrapper ad-embedded”>
<div id=”halfpage” class=”ad ad-hp”>
<script>GPT.display(‘halfpage’)</script>
</div>
<div id=”mu-1″ class=”ad ad-mu”>
<script>GPT.display(‘mu-1’)</script>
</div>
</div>
<ol type=”1″ start=”1″ class=”default-list”>
<li>Corporate governance policies.</li>
<li><a href=”https://www.techtarget.com/searchcio/definition/enterprise-risk-management”>Enterprise risk management</a> programs.</li>
<li>Regulatory and company compliance.</li>
</ol>
<p>The term <i>GRC</i> was coined in 2007 by OCEG — formerly the Open Compliance and Ethics Group — a nonprofit think tank. GRC emerged as a discipline in the early 21st century when companies recognized that coordinating the people, processes and technologies they used to manage governance, risk and compliance could benefit them in two ways. A synthesized approach would help ensure their organizations acted ethically. It would also help them achieve their business goals by reducing the inefficiencies, miscommunication and other perils of a <a href=”https://www.techtarget.com/searchdatamanagement/definition/data-silo”>siloed approach</a> to governance, risk management and compliance.</p>
<p>Any size organization can use GRC. Developing a GRC discipline is especially important for large organizations that have extensive governance, risk and compliance requirements and where programs that meet these requirements often overlap.</p>
<section class=”section main-article-chapter” data-menu-title=”Why is GRC important today?”>
<h2 class=”section-title”><i class=”icon” data-icon=”1″></i>Why is GRC important today?</h2>
<p>As businesses grow increasingly complex, they need a way to effectively identify and manage key activities within the organization. They also need the ability to integrate traditionally distinct management activities into a cohesive discipline that increases the effectiveness of people, business processes, decision-making, technology, facilities and other important business elements.</p>
<p>GRC achieves this by breaking down the traditional barriers between busin

[…]
Content was cut in order to protect the source.Please visit the source for the rest of the article.

This article has been indexed from Search Security Resources and Information from TechTarget

Read the original article: