Three lines of defence

The problem with GRC

Boards may care more about products and profits than governance, risk and compliance (GRC). But without an effective GRC programme, the fun soon stops when trouble calls, says Michael Gibbs, chief executive of SureStep Risk + Analytics

You need to sign in to use this feature. If you don’t have a Risk.net account, please register for a trial.

Sign in
You are currently on corporate access.

To use this feature you will need an individual account. If you have one already please sign in.

Sign in.

Alternatively you can request an individual account here: