Governance, risk management and compliance (GRC) is the term covering an organization's approach across these three practices: governance, risk management, and compliance.[1][2][3][4] The first scholarly research on GRC was published in 2007[5] where GRC was formally defined as "the integrated collection of capabilities that enable an organization to reliably achieve objectives, address uncertaint