GRC glossary

Essential definitions risk and compliance leaders need to know.

linkedin page
GRC DEFINITION
casual group discussion in meeting room with green gradient overlay

  • Corporate governance

    Corporate governance

    What is corporate governance?  The Cadbury Report gave one of the most widely used definitions of corporate governance: “Corporate governance is the system by which companies are directed and controlled.“ The Cadbury Report However, beyond day-to-day operations corporate governance is also the system by which a company is held accountable. It covers how the board…

    Read more: Corporate governance
  • Governance, risk and compliance (GRC)

    Governance, risk and compliance (GRC)

    What is Governance, Risk and Compliance (GRC)?  Governance, risk, and compliance, often shortened to GRC, is the framework organizations use to oversee decision-making, manage risk, and meet legal, regulatory, and internal requirements.    OCEG refined the term, defining it as:  At its best, GRC helps organizations move beyond siloed activity. Instead of governance, risk, compliance, audit, and…

    Read more: Governance, risk and compliance (GRC)

Got a question for our team?

Request a demo
Contact us

Continue learning about the world of GRC

  • Recent Bank of England warning and why AI-driven cyber threats are now a top concern for banking regulators globally

    Recent Bank of England warning and why AI-driven cyber threats are now a top concern for banking regulators globally

    Key takeaways  Introduction: Is AI changing the cyber threat environment faster than organizations can respond?  AI is not only a technology that organizations need to govern internally. It is also reshaping the external cyber threat environment. Used well, AI can help teams detect vulnerabilities, strengthen defenses and respond to incidents more quickly. However, the same capabilities can create new attack…

  • When employees become the attack surface: lessons from the Carnival breach

    When employees become the attack surface: lessons from the Carnival breach

    Key Takeaways Introduction: what happened in the Carnival data breach? Carnival Corporation is one of the world’s largest cruise operators, with a portfolio of cruise brands serving customers across international markets. On 14 April 2026, Carnival Corporation said its IT security team identified unauthorized activity involving an employee account. According to the company, an unauthorized…

  • US & UAE GRC headlines: Regulators are widening the assurance perimeter.

    US & UAE GRC headlines: Regulators are widening the assurance perimeter.

    Recent regulatory activity in the US and UAE points to a bigger GRC trend: regulators are looking beyond policies and asking whether organizations can prove control across more areas of the business.  In the US, the Department of Justice announced a $549.5m False Claims Act settlement over alleged evasion of customs duties on Chinese aluminum extrusions. The…

Ready to discover game-changing GRC tech?

Contact the team and request your demo today.

This form may not be visible due to adblockers, or JavaScript not being enabled.