GRC: Three letters, one challenge

GRC stands for Governance, Risk Management and Compliance and represents approaches that are intended to regulate violations within companies. This is also - or especially - important for medium-sized companies.

Since 2018, one in five companies has been involved in breaches of regulations that can be assigned to the topics of governance, risk management and compliance. The trend for such violations is increasing. In particular, a company's own compliance rules - usually within the framework of the German Data Protection Ordinance (DSGVO) - are often ignored, even unconsciously. Topics such as IT security and the integrity of data and business processes hold a high risk potential, and authorities are increasingly pursuing this. Incidentally, managing directors are liable for high fines. This is how medium-sized companies could prevent this.