Yet Another Definition of GRC; What's in this GRC bag of tricks?

When we put out the word to our Members that we were interested in getting their input on how they defined, and perceived, a GRC program initiative, we weren't prepared for the overwhelming response of comments and thoughts. This has been a resounding success in terms of upping our cross-industry discussions and mobilizing our collaborative communities of Executive Think Tanks, Industry Clusters and Special Interest Groups (SIGs).

Here's one submitted definition that seems to cover all the bases. It even covers Work Excellence (WE), which is an important concept.

GRC is an acronym standing for Governance, Risk and Compliance that represents a moniker for an enterprise-wide program capability to create an ethical culture, achieve business objectives while meeting all laws, statutes and industry-related compliance requirements, address business risk, and promote integrity in a reliable, and sustainable, way. GRC programs span all functions and roles and include internal controls management, internal audit, information security, patent management, privacy controls and even Work Excellence (WE) best practices.

Make sure to send us your definition of GRC and we will post it.
