Parsing the Difference Between GRC & ERM

By Joe Mont2015-11-03T13:15:00

Image: Lots of executives know the difference between compliance and risk management conceptually. But the difference between “governance, risk, and compliance” and “enterprise risk management”—not so much. This week, we pick apart both acronyms. “Compliance is typically what 90 percent of GRC software does,” says Steven Minsky, CEO of software ...

THIS IS MEMBERS-ONLY CONTENT

JOIN NOW

You are not logged in and do not have access to members-only content.

If you are already a registered user or a member, SIGN IN now.

Article
The ‘Shalt Nots’ of GRC Implementations

2015-12-15T14:45:00Z By Joe Mont

There is no shortage of vendors and products in the governance, risk, and compliance software space. Choosing the wrong one can be disastrous. Just as problematic, however, is pairing a poor implementation strategy with even the best of solutions. Missteps can lead to employee revolts, cost overruns, delays, and ineffective ...
Opinion
When stability fails: Why over-optimization creates organizational brittleness

2025-11-07T19:21:00Z By Charles Thomas, CW guest columnist

Most organizations would say they value stability. Predictable operations, consistent output, and well-defined processes are generally considered marks of maturity. The assumption is simple: if a system can be made reliable, it becomes resilient.
Premium
Shadow AI: Another element of TPRM

2025-10-14T20:40:00Z By Neil Hodge

Companies may face significant financial and legal risks if they fail to vet suppliers and third parties over their use of unauthorized AI and how the technology may use and share their corporate data.

Parsing the Difference Between GRC & ERM

THIS IS MEMBERS-ONLY CONTENT

Related articles

The ‘Shalt Nots’ of GRC Implementations

When stability fails: Why over-optimization creates organizational brittleness

Shadow AI: Another element of TPRM