Back to identity glossary

Governance, risk, and compliance (GRC)

Governance, risk, and compliance (GRC) is a term that refers to an organization's approach across these three practices: governance, risk management, and compliance with regulations. Governance is the system of rules that guides a business, risk management is the process of identifying and reducing potential dangers, and compliance is the processes an organization has in place to ensure it is following relevant regulations.

GRC is sometimes used to describe legal roles and can encompass security and internal controls.

Frequently asked questions

Why are governance, risk, and compliance important?
Toggle description visibility

Governance, risk, and compliance (GRC) is important because it can help your business reduce potential dangers and meet applicable regulations. Combining these practices can also help increase transparency and efficiency within an organization.

What is the meaning of governance and compliance?
Toggle description visibility

Governance is the system of rules that guides a business, while compliance is the processes an organization has in place to ensure it is following relevant regulations.