Governance: The frameworks of an organisation’s activities and whether or not they are aligned with business objectives. Activities include processes, structures and policies that are meant to manage and monitor company activities.
Risk: A sustained process of addressing risks, mitigating risks through controls and providing assurance that the risks are managed according to policies. This includes measurement of risk, assessment, retention, monitoring and identification.
Compliance: Ensuring that activities within an organisation operate in a way that is aligned with laws and regulations.