APIs break new ground with respect to governance, risk, and compliance (GRC). By their nature, APIs are meant to enable transactional business activity without prior restraint, and they are major tools for innovation and experimentation. APIs save organizations money through reuse and consistency. These characteristics can ultimately make governance easier.
At the same time, APIs provide access to business assets that are sensitive, valuable, and must be protected, which raises GRC concerns. This paper shows how GRC and APIs interact in today’s enterprises. Furthermore, it shows that using an API management platform can streamline governance and compliance.