What is GRC? - Legacy

Governance, risk, and compliance (GRC) is a general term describing the combination of people, processes, and products involved in establishing and executing business goals, while mitigating risk and proving compliance with regulations.

The Governance, Risk, and Compliance (GRC) application supports:
  • Creating policies
  • Defining and assessing risks
  • Defining controls based on policies and their associated risks
  • Downloading and importing Unified Compliance Framework (UCF) data. See https://www.unifiedcompliance.com/.
  • Generating audits and tests to ensure that controls are being followed
  • Generating remediation tasks to track corrective actions that are required