Governance: The frameworks of an organization’s activities and
whether or not they are aligned with business objectives. Activities
include processes, structures, and policies that are meant to manage and
monitor company activities.
Risk: A sustained process of addressing risks, mitigating risks
through controls, and providing assurance that the risks are managed
according to policies. This includes measurement of risk, assessment,
retention, monitoring, and identification.
Compliance: Ensuring that activities within an organization operate in a way that are aligned with laws and regulations.