GRCM
GRCM refers to the measures, mechanisms and processes in operation within an organisation with the objective of managing Governance, Risk Management and Compliance (GRC).
Governance, Risk & Compliance Management
Governance, Risk and Compliance Management (GRCM) represents an emerging management discipline in the cross-functional area of Governance, Risk Management, and Compliance (GRC).
See also
- Enterprise Risk Management
- Operational Risk Management
- PCI, ISO 27001, ISO 27002, SOX, HIPAA, FISMA, DIACAP, GLBA.