Faced with complex, dynamic, and distributed business operations, organizations are turning to a structured approach for governance, risk, and compliance (GRC) to manage their business environments. This involves implementing a federated GRC organizational structure where enterprise risk and compliance are aligned centrally with corporate governance and reporting but are distributed to lines of business to assign ownership and accountability for risk and compliance.