A Maturity Model for Integrated GRC


Over the past 12 years, since the first release of the OCEG GRC Capability Model (Red Book), organizations in countries all over the world, have embraced the concept of integrated GRC.

They have, at various speeds and starting points, evolved their GRC capabilities in organizational structure, processes and technologies. Yet, many questions remain about what represents GRC maturity in organizations of different types and sizes.

To address these questions, RSA Archer, an OCEG GRC Solutions Council member and a leader in GRC technology, has developed the Maturity Model for Integrated GRC drawing from the real world experience of some of its largest users.

In this eBook, you will find a discussion about ways that GRC structures, practices and technologies change as maturity for GRC capability grows and ways to describe the benefits your organization will gain as you mature your own GRC capabilities.