Governance and Compliance Governance is the responsibility of senior management and focuses on creating organisational transparency by defining the mechanisms an organisation uses to ensure that its constituents follow established processes and policies. A proper governance strategy implements systems to monitor and record current business activity, takes steps to ensure compliance with agreed policies, and provides for corrective action in cases where the rules have been ignored or misconstrued. Compliance is the process that records and monitors the policies, procedures and controls needed to enable compliance with legislative or industry mandates as well as internal policies. Governance, Risk, and Compliance or "GRC" is an increasingly recognised term that reflects a new way in which organisations can adopt an integrated approach to all of these three areas. However, this term is often positioned as a single business activity, when in fact, it includes multiple overlapping and related activities within an organisation, e.g. internal audit, compliance programmess such as Sarbanes-Oxley(SOX), MiFID, enterprise risk management (ERM) and operational risk etc. Please click here to access further articles and resources related to governance and compliance.