IT governance, IT risk management, and IT compliance are three distinct disciplines that in the past have existed in silos within organizations. Today, many organizations no longer see these activities as individual, one-time projects handled in separate parts of the IT organization. Rather, they are finding that there are a lot of commonalities and interrelationships that exist between these three areas. Adopting a unified IT governance, risk management, and compliance (IT GRC) approach and managing the associated activities coherently will create efficiencies, provide a holistic view of the IT environment, and ensure accountability.