Is there value in the term GRC, or is it all hype?
I wrote about a recent IIA publication that included the OCEG definition of GRC, lauding the IIA for doing so and agreeing with the definition.
Since then, the term “GRC” has been attacked by risk practitioners (primarily, although also by some internal audit executives) as hype.
Where do you stand?
Please go to http://www.theiia.org/blogs/marks/ and share your views, whether you agree that it is hype or believe it adds a valuable perspective.