Dragon1 Icon for
GRC
CREATED BY , CREATIVE COMMONS LICENSEDragon1 Definition for
GRC:
GRC is the integrated collection of capabilities to achieve Principled Performance in an organization. GRC integrates governance, management, and assurance of performance, risk, and compliance activities.
What is GRC meaning?
GRC is short for Governance, Risk, and Compliance or Governance, Risk Management, and Compliance.
It is the integrated collection of capabilities that enables an organization to reliably achieve objectives, address uncertainty, and act with integrity.
The acronym GRC was invented as a shorthand reference to the critical capabilities that must work together to achieve Principled Performance. These capabilities integrate the governance, management, and assurance of performance, risk, and compliance activities.
This includes the work done by departments like internal audit, compliance, risk, legal, finance, IT, and HR, as well as the lines of business, executive suite, and the board itself.
The acronym was used already in 2003, but the first academic paper on the topic came in 2007 by Scott L. Mitchell in the International Journal of Disclosure and Governance. This groundbreaking paper may have influenced the entire software and services industry.
Using Dragon1 as GRC Tool
Here you can see an interactive example blueprint that is used for Governance Risk Management Compliance GRC in organizations. With it, you can visualize, analyze, and manage the (non)compliance of the organization with standards.
More Definitions
Terms >
Accaptable Means of Compliance