Governance, risk and compliance (GRC) refers to a strategy for managing an organization's overall governance, enterprise risk management and compliance with regulations. Think of GRC as a structured approach to aligning IT with business objectives, while effectively managing risk and meeting compliance requirements. A well-planned GRC strategy comes with lots of benefits: improved decision-making, more optimal IT investments, elimination of silos, and reduced fragmentation among divisions and departments, to name a few.