What is GRC?

GRC stands for Governance, Risk management, and Compliance

GRC is a structured approach to an organisation's corporate governance, enterprise risk management and compliance management.


Governance is the way rules; norms and actions are structured, sustained, regulated and held accountable.

Governance describes the overall management approach through which senior executives direct and control the entire organisation, using a combination of management information and hierarchical management control structures.

Risk Management

Risk Management is the set of processes through which management identifies, analyses, and responds appropriately to risks that might adversely affect realisation of the organisation's business objectives.


Compliance means conforming to stated requirements, as defined by laws, regulations, standards, contracts, strategies, and policies.

Compliance also describes the goal that organisations aspire to achieve in their efforts to ensure that they are aware of and take steps to comply with relevant laws, policies, and regulations.

Governance is the system by which organisations are directed and controlled, involving the allocation of rights and responsibilities across all constituencies including the Board, management, staff, shareholders and other stakeholders.

Governance provides the rules for decision making and accountability - setting levels and measurement of performance against objectives - the structure and the compliance requirements, ranging from mandatory to discretionary. The process by which performance against objectives and obligations is met, authority is delegated and monitored and control over the creation, effectiveness and efficiency of organisational systems and structures is maintained.

GRC Institute 2019

Pali GRC simplifies your governance, risk and compliance (GRC) activities and saves you precious time and money, and ensures standards and consistency across the enterprise

ProbityPro Probity

ProbityPro manages the complete probity and procurement cycle, with the flexibility needed to accommodate an organisation's nomenclature, procurement processes and governance, workflows and more.