The business activities known as governance, risk and compliance (GRC) are tightly linked. Governance, risk management and compliance management are separate but closely related activities that take place in any organization. Governance is essential to the management of a corporation. Without it there can be no reliable way to guide the actions of individuals to align them to corporate objectives and requirements. Risk, for its part, comes in many forms, including internal failure, unfavorable external events and catastrophes. Managing risk involves anticipating negative events, understanding their costs, determining whether the potential benefits outweigh risks, and applying controls either to prevent risk events or mitigate their impact. And because all companies exist in some legal and regulatory jurisdiction, compliance with existing laws and regulations is essential.