Thank you for your feedback.
Form temporarily unavailable. Please try again or contact to submit your comments.

Governance, Risk, and Compliance (GRC)

Log in to subscribe to topics and get notified when content changes.

Governance, Risk, and Compliance (GRC)

Governance, Risk, and Compliance (GRC) is the methodology which manages the strict and complex regulatory and industry requirements across corporate environments. The ServiceNow® GRC suite contains four main applications: Policy and Compliance Management, Risk Management, Audit Management, and Vendor Risk Management.

Request a Governance, Risk, and Compliance app on Store

If you are a new GRC customer on Madrid Patch 1 or later, visit the ServiceNow Store website to view all the available apps and for information about submitting requests to the store.

Who uses GRC?

The complete GRC process involves all areas of your organization working together.

  • Board of directors
  • Audit committee
  • IT steering committee
  • Compliance officers
  • Risk officers (conduct risk assessment and identify all that can go wrong in business)
  • All levels of management (assist the risk officers with the identification of what can go wrong in their processes)
  • Auditors (an independent body, typically reporting to the board of directors)
  • Vendor risk managers, assessors, and vendors