PREFACE

My first book, The Manager's Guide to Compliance, was released in April 2006, and provides an introduction to internal controls over risks required to meet financial and technical regulations. While it provided overviews to international standards and regulations, the coverage was limited and did not include country, environmental, or industry-specific guidance. It also became apparent that compliance was part of triad that must encompass both governance and risk.

The inspiration to write a second book came a little over a year ago when we received the news that the first book was to be translated into Chinese demonstrating a growing global interest in compliance and risk related issues. The Governance, Risk, and Compliance (GRC) Handbook is designed to greatly expand the coverage provided in the first book. GRC is now a widely accepted approach that has at its core a holistic approach to governance, risk, and compliance. The reason to treat GRC in a holistic manner is simply that to attack them separately is a costly mistake, causing duplicated efforts and greater chances of failure in all three areas.

The text is designed to be a true handbook in the sense that it provides very wide coverage, but at a higher and introductory level. It includes detailed country and regional guidance for the major economies of the world, guidance for several industries, guidance for national and regional environments, technology tools guidance, operational risk guidance, and more in depth ...