OCEG, the Open Compliance and Ethics Group, has long talked about GRC as the set of capabilities that enable an organization to reliably achieve its objectives, while addressing uncertainty and acting with integrity. This outcome is what we call Principled Performance, and it demands a mature, integrative approach to governance, risk management ,and compliance, the component parts of GRC. The value of mature GRC capabilities can be summed up through another acronymABC: Aware, Bespoke, and Confident. And while these are not the only attributes of effective GRC, together these three offer the opportunity for greater success that most organizations have failed to grasp, at least up until now.