
GRC definitions

GRC is an abbreviation for Governance, Risk Management and Compliance Management.

IT GRC is often perceived to have two meanings:

  1. Using IT to manage the various Governance, Risk Management and Compliance Management processes of an organization.
  2. Ensuring proper governance, risk management and compliance management of all IT systems and processes that support the business operations.

GRC resources

Wikipedia

Wikipedia about Governance, Risk and Compliance.

 

Corporate Integrity

Michael Rasmussen at Corporate Integrity, LLC defines GRC as follows:

  • Governance is the culture, policies, processes, laws, and institutions that define the structure by which companies are directed and managed.
  • Risk is the effect of uncertainty on business objectives.
  • Risk Management is the coordinated activities to direct and control an organization to realize opportunities while managing negative events.
  • Compliance is the act of adhering to, and demonstrating adherence to, external laws and regulations as well as corporate policies and procedures.

(end of quote).

Aberdeen surveys the effectiveness of GRC

Aberdeen research shows how companies are using governance, risk and compliance (GRC) management to enable competitive differentiation, cost reduction, and growth. Get your free copy here.

ISACA

The ISACA association has embraced IT Governance for several years. The IT Governance Institute (ITGI) publishes COBIT 4.1, the widely adopted IT Governance framework that many organizations use to support Sarbanes-Oxley compliance. Risk IT is a recent risk management framework published by ISACA.

 

OCEG

OCEG is a nonprofit organization that promotes governance, risk management, and compliance processes.

 

About Neupart

Neupart, an ISO 27001 certified company, offers a complete solution from a single source that enables organizations to achieve continuous compliance by automating IT governance, risk management and compliance management activities. Whether you need to comply with PCI DSS, ISO 27001, Sarbanes-Oxley or WLA SCS, or want to manage new business risks efficiently: with Neupart you respond effectively and make your compliance program future-proof. More than 300 organizations around the world use SecureAware from Neupart, including government agencies, utilities, banks and insurance companies, IT service providers and lottery companies.

Contact

Neupart GmbH
Kaiserwerther Straße 115
40880  Ratingen/Düsseldorf
Tel +49 2102 420926
