Overview#

Governance, Risk, and Compliance (GRC) is an increasingly recognized term that reflects a new way organizations focus on and manage an integrated approach to these three areas.

We have also seen: Governance, Risk and Compliance Management (GRCM)

According to Michael Rasmussen, a well regarded industry analyst at Forrester Research, the challenge in defining GRC is that individually each term has "many different meanings within organizations. There is corporate governance, IT governance, financial risk, strategic risk, operational risk, IT risk, corporate compliance, Sarbanes-Oxley Act (SOX) compliance, employment/labor compliance, privacy compliance . . . you get the picture."

Identity Governance Framework

We have identified some IDM Related Compliance Items that are most common that we have run into in our work with some of our Clients.

More Information#

There might be more information for this subject on one of the following:

• Data Classification
• GRC
• GRCM
• Glossary Of LDAP And Directory Terminology
• IDSA Integration Framework

---

• [#1] - Governance, Risk Management, and Compliance - based on information obtained 2013-04-10