I have our GRC team wanting to utilize their GRC module for Policy Compliance for all of my agencies Knowledge documents pertaining to Process, Procedures, and Standards. Non of these documents are security based so I am a little confused on why they would want to integrate. I always felt that GRC was for security policies, but I may be wrong. Is this a viable solution? I am against it at the moment because it means training people on a whole new submission method and extra licensing. Any advise or suggestions based on past or current experiences?
