The frameworks and tools, such as policies, procedures, controls and decision-making hierarchy, employed to manage risk in the business. GRC systems partially automate risk management processes, such as onboarding, ongoing oversight, compliance, incident/issue management and maintenance of Third Party risk registers and inventories.