GRC Helps People Like You

Use the acronym GRACE-IT to remember all of the roles that must work together to achieve Principled Performance

Learn how multiple roles work together

As a GRC Professional, you must know how to work with other roles because...

GRC requires multiple departments and interdisciplinary work

GRC isn't about a single discipline, profession or role. It requires collaboration between the "Critical Six" disciplines.

After 15 years of research, our members have defined the best ways to work together.

Each discipline has areas where it excels and areas where it can learn from the others.

When disciplines are fragmented and separate, we see problems. When they are integrated, they work together to achieve Principled Performance.

As professionals, we must collaborate and help our organizations achieve Principled Performance. And, in the process, we can actually upgrade our own skills as well!


Learn how each discipline plays a role in GRC

G

Governance & Strategy at the Center

People in Governance, Strategy and Performance Management are a critical component

The governance, strategy and performance disciplines provide a foundation to define and measure strategies, tactics and progress toward objectives.

Integrating strategy into an overall GRC capability ensures that activities are aligned with risk management, compliance management, legal, finance, IT and culture; and that they are audit-ready.

Learn about Governance & GRC
R

Risk at the Center

People in risk are a critical component

The risk discipline provides a foundation for helping an organization address uncertainty as it drives toward objectives.

Integrating risk management into an overall GRC capability ensures that these activities are aligned with business objectives, strategies, compliance management, legal, finance, IT and culture; and that they are audit-ready.

Learn about Risk & GRC
A

Audit at the Center

People in audit are a critical component

The audit discipline provides a foundation to provide assurance to management, the board and other stakeholders that the organization is achieving objectives, addressing uncertainty and acting with integrity.

Integrating audit into an overall GRC capability ensures that these activities are aligned with business objectives, strategies, risk management, compliance management, legal, finance, IT and culture.

Learn about Audit & GRC
C

Compliance at the Center

People in compliance are a critical component

The compliance discipline provides a foundation for helping an organization act with integrity and stay within boundaries as it drives toward objectives. Mandated boundaries include laws, rules and regulations. Voluntary boundaries include organization values, contracts and other promises it makes with customers, employees and society.

Integrating compliance into an overall GRC capability ensures that these activities are aligned with business objectives, strategies, risk management, legal, finance, IT and culture; and that they are audit-ready.

Learn about Compliance & GRC
E

Ethics & Culture at the Center

Those responsible for Ethics and Culture are a critical component

People in HR, human capital management, talent management or lines of business are responsible for developing a culture of character and ethics.

Integrating culture and ethics into an overall GRC capability ensures that all other activities are conducted in an environment where people are aligned toward the general interests of the organization and society.

Learn about Ethics, Culture & GRC
IT

IT & Security at the Center

People in IT and Security are a critical component

The IT discipline provides a foundation to provide integrity and security around important information assets; and to provide technology to enable other GRC activities.

Integrating IT into an overall GRC capability ensures that these activities are aligned with business objectives, strategies, risk management, compliance management, legal, finance, IT and culture; and that they are audit-ready.

Learn about Information Technology (IT) & GRC

Putting Principles into Practice is what we do

Behind the big ideas of Principled Performance and GRC, we have hundreds of resources, standards, and certifications to upgrade your skills.