Governance, risk, and compliance

Governance, risk, and compliance (GRC) is a holistic approach to governance, risk management, and regulatory compliance, used by companies, governments, and other organizations to ensure they meet regulatory requirements while running their operations effectively. This approach was developed in the 2000s for managing increasingly complex financial compliance requirements, and organizations also use it for addressing technical, environmental, and health and safety requirements.

History
Corporate financial scandals in the 1970s in the United States led major US accounting associations to create the Committee of Sponsoring Organizations of the Treadway Commission ("COSO"); COSO issued reports calling for better controls over financial accounting, and standards to achieve those controls. Calls for stricter internal controls and financial reporting standards for companies were driven by high-profile corporate scandals in the 1990s in the UK, leading to the Turnbull Report in the UK, and by similar scandals in the United States in the early 2000s, like the Enron scandal, which led to the passage of the Sarbanes–Oxley Act in the US. The term "Governance, risk, and compliance" or "GRC" was published by Scott Mitchell, founder of the Open Compliance and Ethics Group (OCEG), in an academic paper in 2007.
Overview
Governance, risk, and compliance (GRC) are three related facets that aim to assure an organization reliably achieves objectives, addresses uncertainty, and acts with integrity. As companies have begun to adopt artificial intelligence to help run their businesses, the risks intrinsic to AI raise GRC challenges for the companies using AI products. As of 2025, some companies were beginning to adopt AI tools to help them manage GRC.