What is Governance, Risk and Compliance (GRC)? - Definition from Whatis.com

Home
Topics
Topics Archive
Financial Security Resources
Governance, Risk and Compliance (GRC)

Definition

Governance, Risk and Compliance (GRC)

Governance, Risk and Compliance (GRC) is a combined area of focus within an organization that developed because of interdependencies between the three components. GRC software products, available from a number of vendors, typically facilitate compliance with legal requirements, such as those specified in the Sarbanes-Oxley Act (SOX) or occupational health and safety regulations.

Learn more about governance, risk and compliance at SearchCompliance.com

Related glossary terms: eavesdropping, CTCI (Computer-to-computer interface), password cracker, QIX (NASDAQ Information Exchange protocol), Real ID, OUCH protocol, PAN truncation (primary account number), FACTA (Fair and Accurate Credit Transactions Act), Red Flags Rule (RFR), Securities and Exchange Commission (SEC)

This was last updated in May 2008

Editorial Director: Margaret Rouse

Premium Access

Register now for unlimited access to our premium content across our network of over 70 information Technology web sites.

By submitting you agree to receive email from TechTarget and its partners. If you reside outside of the United States, you consent to having your personal data transferred to and processed in the United States. Privacy

Dig Deeper

People who read this also read...

Show me more

Do you have something to add to this definition? Let us know.

Send your comments to techterms@whatis.com

Research More Tech Terms

Search thousands of tech definitions
Browse tech definitions
Browse Alphabetically:
- A
- B
- C
- D
- E
- F
- G
- H
- I
- J
- K
- L
- M
- N
- O
- P
- Q
- R
- S
- T
- U
- V
- W
- X
- Y
- Z
- #

Powered by WhatIs.com

File Extensions and File Formats

File Extension and File Formats List:

A
B
C
D
E
F
G
H
I
J
K
L
M
N
O
P
Q
R
S
T
U
V
W
X
Y
Z
#

Powered by WhatIs.com

More from Related TechTarget Sites

Security
Cloud Security
Security Channel
Security UK
SMB Security
CIO

Security
- Using social engineering testing to foster anti-social engineering training
  
  Worried your users could easily be pwned? Learn about improving social engineering testing to foster anti-social engineering training.
- BeyondTrust acquires eEye Digital Security for vulnerability management
  
  Analysts say eEye’s vulnerability and configuration management capabilities are a good fit with BeyondTrust’s privilege management and AD integration.
- How to detect and mitigate Poison Ivy RAT malware-style attacks
  
  Learn how to prevent malcode like the Poison Ivy RAT malware, sophisticated malware that has been crafted especially for an enterprise take-down.
Cloud Security
- Quiz: Understanding cloud-specific security technologies
  
  Think you understand cloud-specific security technologies as well as expert Joseph Granneman does? Test your knowledge with this quiz.
- CSA launches cloud security certification initiative for service providers
  
  Plan calls for working with certification bodies, government agencies, as well as an independent CSA certification.
- PCI virtualization compliance still a challenge
  
  No black and white when it comes to PCI compliance in virtualized environments, experts say.
Security Channel
- Biometric authentication methods: Comparing smartphone biometrics
  
  Biometric authentication helps ensure only authorized smartphone users can access a network. David Jacobs weighs the pros and cons of three methods.
- F5 Vault program embraces incentives for F5 firewall, security sales
  
  The Vault partner program uses incentives to increase visibility for F5 firewalls and its architecture bundle.
- Using DMARC to improve DKIM and SPF email antispam effectiveness
  
  DMARC aids the DKIM and SPF protocols that help keep spam out and let legitimate emails in. David Jacobs explains how.
Security UK
- ICO fines Welsh health board £70,000 for patient record loss
  
  For the first time, the ICO fines an NHS organisation for sending patient data to the wrong person.
- With mobile payments, security teams must move quickly
  
  As employees make payments on their mobile devices, the security team must act quickly to ensure corporate assets remain secure.
- SOCA takes its website offline in DDoS response
  
  Just days after SOCA shut down carder sites, the agency was the victim of a DDoS attack, leading SOCA to takes its website offline.
searchMidmarketSecurity
- Windows Phone 7 security: Assessing WP7 security features
  
  Windows Phone 7 security features are proving to be a mixed bag. Sam Cattle assesses the enterprise security pros and cons of the latest Windows mobile platform.
- Choosing the best security certifications for your career
  
  Whether starting your career or planning your next step as an IT security professional, this tip will guide you toward the best certifications for your interests and experience.
- A step-by-step SMB IT security risk assessment process
  
  Assessing your organization's security threats and risks takes just five steps, says Robbie Higgins. Check out his quick guide to the SMB security risk assessment process.
CIO
- The right tools for a distributed software development team
  
  Use these three must-have tools to get the most out of a distributed software development team, but keep developer personal preferences in mind.
- Making sure your business software stays business-ready
  
  Business software is the table stakes an organization needs to thrive. Here's how to assess whether your business applications are up to the task.
- Mobile app dev at heart of website redesign
  
  A website redesign with ROI in mind meant bringing Maxim magazine readers' favorite features to their favorite devices.

All Rights Reserved, Copyright 2008 - 2012, TechTarget