In this chapter, we have introduced the GRC Concepts and explained the breadth of tools that Oracle has, to address the GRC problems. We have introduced the fictional company with whom we will be taking the governance, risk, and compliance journey. We have also introduced the key roles that have a stake in the governance, risk, and compliance process and explained what that stake is. We have shown the overall risk management and compliance process at a very high level to see how the information comes together for the signing officers to certify to the investors in the enterprise that the risks are managed and the controls are effective. We have illustrated how a sample process, risk, and control are related to a financial statement line for a subsidiary within the enterprise and explained how the process can move from an ad hoc manual process to a repeatable, automated, and optimized solution over time.

In the next chapter we will introduce the Governance theme with Corporate Governance. We will take a look at key strategic issues that Infission faces as an enterprise and also how to craft and communicate the strategic intent of Infission.