GRC

Governance, Risk, and Compliance (GRC) is an operational strategy that helps organizations align IT activities to business objectives, manage risk effectively, and stay in compliance with government and industry regulations.

Explore functional areas and job roles associated with GRC

Whether you’re transitioning into GRC or looking to begin your career, this diagram can help you navigate your professional advancement.

Common Feeder Functional Areas IT Risk Analysis IT Compliance IT Governance Privacy Compliance IT Auditing Common Next Functional Areas IT Risk Consulting Information SecurityManagement Privacy Management IT Audit Management GRC US$122kAverage Annual Salary Entry -Mid-Level DIRECTLY RELATED ROLES GRC Analyst GRC Consultant GRC Manager Assistant VicePresident, GRC
IT Risk Analysis IT Compliance IT Governance Privacy Compliance IT Auditing Common Feeder Functional Areas Data Governance Analyst Data Governance Manager GRC Manager Assistant VicePresident, GRC DIRECTLY RELATED ROLES IT AuditManagement US$135kAverage Annual Salary Senior Level Common Next Functional Areas IT Risk Consulting Information SecurityManagement Privacy Management IT Audit Management

Employer requirements for GRC roles

According to market employment data, these are the most prominent business skills required to excel in the GRC area and requested by employers:

  • Governance, Risk Management, and Compliance
  • Auditing
  • Governance
  • Risk Management
  • Risk Analysis
  • Communication
  • Management
  • Cybersecurity
  • Computer Science

GRC roles generally require an undergraduate degree.

Advance your knowledge and skills in this functional area

ISACA resources are designed to help you expand your knowledge, develop relevant skills, and stay current in this functional area. To learn more about specific job roles and explore additional resources, click on any directly related job roles above.

AI Governance: Principles, Strategies and Business Alignment
Online Course

AI Governance: Principles, Strategies and Business Alignment Course

AI in general may not be new, but the explosion of generative AI has thrust the topic into headlines with regards to bias, ethical usage, intellectual property rights, privacy and use of technology just to name a few.
COBIT
Resource

COBIT

COBIT: a framework for enterprise governance of information and technology.

Policy Template Library Toolkit
Tool

Policy Template Library Toolkit | Digital | English

Policies are designed to formally document and communicate required and prohibited activities and behaviors to guide enterprise operational processes.
Local chapters - people in conference room
Membership

ISACA Local Chapters: Connect with Professionals Near You | ISACA

Find an ISACA chapter near you and connect with other professionals in your field. ISACA has over 200 chapters worldwide, offering a variety of benefits to members, including networking, education, and career development opportunities.
Member-Exclusive Leadership Series
Membership

Member-Exclusive Leadership Series

Grow your leadership skills with member-exclusive access to expert-led events. Earn free CPE while learning to lead yourself, others, and your organization with confidence.
A conference room
Training

Conferences

Attend an upcoming ISACA conference to build skills and earn CPEs. Learn from global experts and engage with the IS/IT community through dynamic sessions.

Looking for a different path?

Explore other role areas and find the one that aligns with your career goals.

See more role areas