Oracle Governance, Risk and Compliance

Oracle Governance, Risk and Compliance (GRC) serves as a platform for two components — Enterprise Governance, Risk and Compliance Manager (EGRCM) and Enterprise Governance, Risk and Compliance Controls (EGRCC).

EGRCM forms a documentary record of a company’s strategy for addressing risk and complying with regulatory requirements. It enables users to define risks to the company’s business, controls to mitigate those risks, and other objects, such as business processes to which risks and controls apply.

EGRCC comprises two elements, Application Access Controls Governor (AACG) and Enterprise Transaction Controls Governor (ETCG). These enable users to create models and controls and to run them within business applications to uncover and resolve segregation of duties violations and transaction risk.

These components run as modules in the GRC platform. EGRCC runs as a Continuous Controls Monitoring (CCM) module. EGRCM provides a Financial Governance module by default, and users may create other EGRCM modules to address other areas of the company’s business.

A third component, Oracle Fusion GRC Intelligence (GRCI), provides dashboards and reports that present summary and detailed views of data generated in GRC. GRCI may be embedded in GRC, or run as a standalone application.

Our GRC service offerings include: