Legal governance,

risk management,
and compliance

Legal governance, risk management, and compliance (LGRC) refers t o t he complex set of
processes, rules, t ools and syst ems used by corporat e legal depart ment s t o adopt , implement
and monit or an int egrat ed approach t o business problems. While Governance, Risk Management ,
and Compliance refers t o a generalized set of t ools for managing a corporat ion or company,
Legal GRC, or LGRC, refers t o a specialized – but similar – set of t ools (ht t p://ro.ecu.edu.au/adf/
[1]
171/) ut ilized by at t orneys, corporat e legal depart ment s, general counsel and law firms t o
govern t hemselves and t heir corporat ions, especially but not exclusively in relat ion t o t he law.[2]
Ot her specializat ions wit hin t he realm of governance, risk management and compliance include
IT GRC and financial GRC. Wit hin t hese t hree realms, t here is a great deal of overlap, part icularly
in large corporat ions t hat have legal and IT depart ment s, as well as financial depart ment s.
Legal governance
Legal governance refers t o t he est ablishment , execut ion and int erpret at ion of processes and
rules put in place by corporat e legal depart ment s in order t o ensure a smoot hly-run legal
depart ment and corporat ion.[3]

Legal risk management

Legal risk management refers t o t he process of evaluat ing alt ernat ive regulat ory and non-
regulat ory responses t o risk and select ing among t hem. Even wit h t he legal realm, t his process
requires knowledge of t he legal, economic and social fact ors, as well as knowledge of t he
business world in which legal t eams operat e.[4] In an organizat ional set t ing, risk management
refers t o t he process by which an organizat ion set s t he risk t olerance, ident ifies pot ent ial risks
and priorit izes t he t olerance for risk based on t he organizat ion's business object ives, and
manages and mit igat es risks t hroughout t he organizat ion.

Legal compliance
Legal compliance is t he process or procedure t o ensure t hat an organizat ion follows relevant
laws, regulat ions and business rules.[5] The definit ion of legal compliance, especially in t he
cont ext of corporat e legal depart ment s, has recent ly been expanded t o include underst anding
and adhering t o et hical codes wit hin ent ire professions, as well. There are t wo requirement s for
an ent erprise t o be compliant wit h t he law, first it s policies need t o be consist ent wit h t he law.
Second, it s policies need t o be complet e wit h respect t o t he law. The role of legal compliance
has also been expanded t o include self-monit oring t he non-governed behavior wit h indust ries and
corporat ions t hat could lead t o workplace indiscret ions.[6] Wit hin t he LGRC realm, it is import ant
t o keep in mind t hat if a st rong legal governance component is in place, risk can be accurat ely
assessed and t he monit oring of legal compliance be carried out efficient ly. It is also import ant t o
realize t hat wit hin t he LGRC framework, legal t eams work closely wit h execut ive t eams and
ot her business depart ment s t o align t heir goals and ensure proper communicat ion.

Legal consistency
Legal consistency is a propert y t hat declares ent erprise policies t o be free of cont radict ions
wit h t he law. Legal consistency has been defined as not having mult iple verdict s for t he same
case.[7] The ant onym Legal inconsistency is defined as having t wo rule t hat cont radict each
ot her.[8] Ot her common definit ions of consist ency refer t o “t reat ing similar cases alike”.[9] In t he
ent erprise cont ext , legal consist ency refers t o “obedience t o t he law”.[10] In t he cont ext of legal
requirement s validat ion, legal consist ency is defined as, " Ent erprise requirement s are legally
consist ent if t hey adhere t o t he legal requirement s and include no cont radict ions."[11]

Legal completeness
Legal completeness is a propert y t hat declares ent erprise policies t o cover all scenarios
included or suggest ed by t he law. Complet eness suggest s t hat t here are no scenarios covered
by t he law t hat cannot be implement ed in t he ent erprise. In addit ion, it implies t hat all scenarios
not allowed by t he law are not allowed by t he ent erprise.

Ent erprise policies are said t o be legally complet e if t hey cont ain no gaps in t he legal sense.
Complet eness can be t hought of in t wo ways:[12] Some scholars make use of a concept of
‘obligat ional’ complet eness such as Ayres and Gert ner.[13] According t o t his usage, a syst em or a
cont ract is ‘obligat ionally’ complet e if it specifies what each part y is t o do in every sit uat ion,
even if t his is not t he opt imal act ion t o t ake under some circumst ances. Ot hers discuss
‘enforceabilit y’ complet eness in t he sense t hat failing t o specify key t erms can lead a court t o
charact erize a syst em as being t oo uncert ain t o enforce (May & But cher v t he King 1934),[14] and
hence a syst em may be complet e wit h respect t o enforceabilit y. This leads t o t he following
definit ion: ent erprise regulat ions or requirement s are legally complet e if it specifies what each
part y is t o do in each sit uat ion while covering all gaps in t he legal sense.[11]

History
Lebogang says.[15] Like t he Sarbanes-Oxley act , legal indust ry t hought leaders saw a need for a
new framework for legal GRC, and borrowed heavily from IT, RIM and ot her indust ries t o t ry t o
come up wit h new, clear processes and rules t o make navigat ing t he choppy wat ers of t he post -
financial crisis legal world go as smoot hly as possible.

Organizations

Legal GRC Center for Innovation

The Legal GRC Cent er for Innovat ion is a nonprofit inst it ut e for t he advancement of t he
concept s and applicat ions of Legal GRC. The LGRC Cent er for Innovat ion serves as a forum for
legal indust ry leaders t o discuss and det ermine ways t o syst emat ize and st reamline wit hin t he
legal indust ry. The membership of t he LGRC-CFI is made up of a group of [t hought leaders] in t he
legal, business, IT, and RIM fields. They meet in online forums and at periodic convent ions and
summit s t o det ermine best pract ices for Legal GRC. The LGRC-CFI also publishes a blog and
several indust ry-specific whit e papers regularly. The LGRC Cent er for Innovat ion addresses legal
governance, risk management , and compliance exclusively.
Institute on Governance
The Inst it ut e on Governance (IOG), alt hough it does not address LGRC exclusively, is a useful
resource for knowledge on governance in general, and has collect ed some significant basics
about legal governance online. The IOG is an independent , Canadian, nonprofit [t hink t ank]
founded in 1990 t o promot e bet t er governance for public benefit . Through our research and
services we help public organizat ions and societ ies realize t heir object ives by put t ing good
governance int o pract ice.

Association of Corporate Counsel

The Associat ion of Corporat e Counsel ("ACC"), formerly t he American Corporat e Counsel
Associat ion ("ACCA"), is an associat ion of in-house counsel, at t orneys who work for corporat ions.
The associat ion publishes t he magazine ACC Docket and arranges one of t he Unit ed St at es’
largest annual meet ings for in-house at t orneys. ACC was founded in 1982. It current ly has more
t han 24,000 members from over 10,500 corporat ions in 77 count ries.[1] The ACC does not
address LGRC exclusively, but can be credit ed wit h laying some foundat ions for corporat ions –
t he original pract it ioners of governance, risk management , and compliance – and legal
depart ment s t o begin t o work t oget her on overarching issues of governance, risk management ,
and compliance.

See also

Enterprise legal management

 Governance, risk management, and
compliance

References

1. Adams, R., Mann, G., & Hobbs, V. (2017).

ISEEK, a tool for high speed, concurrent,
distributed forensic data acquisition. Paper
presented in Valli, C. (Ed.). The Proceedings
of 15th Australian Digital Forensics
Conference 5–6 December 2017, Edith
Cowan University, Perth, Australia
2. Musthaler, Linda and Brian. Governance,
risk management and compliance and
what it means to you. Network World,
March 7, 2007. (http://www.networkworld.c
om/newsletters/techexec/2007/0507teche
xec1.html)
3. Konkle, Joshua L. Legal risk management
requires a corporate strategy, mindset and
commitment. DCIG,January 9, 2008. (http://
www.dciginc.com/2008/01/interview-with-
stephen-whetstone-pt1.html)
4. US Army Corps of Engineers Glossary.
August 1998. (http://www.fusrapmaywood.
com/factsheet/gloss.htm) Archived (http
s://web.archive.org/web/2008112013240
2/http://www.fusrapmaywood.com/factshe
et/gloss.htm) 2008-11-20 at the Wayback
Machine
5. "Home | Staff | Records Management |
Definitions" (https://web.archive.org/web/2
0081205103206/http://www.nmsbvi.k12.n
m.us/Records/records_def.htm) . Archived
from the original (http://www.nmsbvi.k12.n
m.us/Records/records_def.htm) on 2008-
12-05. Retrieved 2008-11-10.
6. Bauer, Christopher. An ethics self-exam:
ethical compliances is not just an issue for
external review; auditors must look inward
to ensure their own integrity is not
compromised. Bnet, June 2004. (http://find
articles.com/p/articles/mi_m4153/is_3_6
1/ai_n6153200) Archived (https://web.arc
hive.org/web/20071218141809/http://find
articles.com/p/articles/mi_m4153/is_3_6
1/ai_n6153200) 2007-12-18 at the
Wayback Machine
7. International Law and International
Relations: An International Organization
Reader. By Beth A. Simmons, Richard H.
Steinberg Contributor Beth A. Simmons,
Richard H. Steinberg Edition: illustrated
Published by Cambridge University Press,
2007. ISBN 0-521-86186-1, ISBN 978-0-
521-86186-1
8. Legisprudence: A New Theoretical
Approach to Legislation : Proceedings of
the Fourth Benelux-Scandinavian
Symposium on Legal Theory By Luc
Wintgens Contributor Luc Wintgens Edition:
illustrated Published by Hart Publishing,
1998 ISBN 1-84113-342-6, ISBN 978-1-
84113-342-3
 9. Law and justice in the courts of classical
Athens By Adriaan Lanni Published by
Cambridge University Press, 2006 ISBN 0-
521-85759-7, ISBN 978-0-521-85759-8
10. The Measurement of Moral Judgment By
Anne Colby, Lawrence Kohlberg Contributor
Lawrence Kohlberg Edition: illustrated
Published by CUP Archive, 1987 ISBN 0-
521-32501-3, ISBN 978-0-521-32501-1
11. Hassan, Waël. PhD Thesis. University of
Ottawa. University of Ottawa Press. 2009
12. Armour, J. Share Capital and Creditor
Protection: Efficient Rules for a Modern
Company Law. ESRC Centre for Business
Research - Working Papers wp148, ESRC
Centre for Business Research. 1999.
13. Ayres, Ian and Gertner, Robert (1992),
‘Strategic Contractual Inefficiency and the
Optimal Choice of Legal Rules’, 101 Yale
Law Journal 729
14. Cases and Materials on Contracts By S. M.
Waddams, Waddams, S. M., 1942-,
Waddams, Trebilcock, mccamus, Neyers,
Waldron Edition: 3 Published by Emond
Montgomery Publication, 2005 ISBN 1-
55239-166-3, ISBN 978-1-55239-166-2
15. Kim, Won-Kyu. The effect of industrial
restructuring policy post-financial crisis.
September/October 2007. (https://web.arc
hive.org/web/20110530070924/http://220.
72.21.21/pub/docu/kr/AA/04/AA042007S
AF/AA04-2007-SAF-001.PDF)
External links

Institute on Governance home page (htt

p://iog.ca/)
Legal GRC Center for Innovation home
page (https://web.archive.org/web/2009
0214004034/http://www.legalgrc.org/)
Global Community of Experts (https://w
ww.legalgrc.org/)

Retrieved from
"https://en.wikipedia.org/w/index.php?
title=Legal_governance,_risk_management,_and_c
ompliance&oldid=1121251570"
This page was last edited on 11 November 2022,
at 09:27 (UTC). •
Content is available under CC BY-SA 4.0 unless
otherwise noted.