Risk e-Views Vol 24 November 2012 – Risk Leadership: What is GRC?

I just returned from GRC 2012 – The inaugural industry conference bringing together the Australian Compliance Institute and the Risk Management Institution of Australasia. If you are wondering what GRC stands for, why the associations combined their conferences and what GRC really means, here are my views.

What does GRC stand for? GRC is an acronym for Governance, Risk and Compliance. It has its origins in the US, particularly post the large corporate collapses of a decade ago, where there was a mountain of compliance requirements loaded onto organisations and the software industry responded with solutions. Some offered risk only or compliance only solutions, however, before long the industry was offering solutions for both, plus various elements of governance processes. Whether it was a software vendor or someone else who first coined the phrase is irrelevant, the software industry has been pushing their wares under this banner and it has become a huge industry globally.    

 Why the combined conference? Because in many people’s eyes, mine included, the risk and compliance professions are converging. Among my clients there is a plethora of job titles with mentions of either risk, compliance or both, along with a good proportion having governance in their title.

What does GRC Really Mean? There was a lot of discussion on this at the conference. Indeed there was often complete disdain for the term. In general people could see that risk and compliance activities are part of good governance and that good governance is a good risk and a good compliance strategy and hence they are closely linked. If you were to ask me to summarise what GRC means I would say that GRC is all about ensuring the organisation has “NO REGRETS”. That although we might not have been as successful as we wanted to be, we were true to ourselves.

What is a GRC Professional? In short you are a performance coach. Athletes are coached to do their best and, other than those at the pinnacle of their sport, they fail many, many times. Perhaps you should have the title “Chief Performance Officer” or “Chief Performance Advisor!”