Perform GRC Actions and Controls for Principled Performance

All organizations must address threats, opportunities and requirements by encouraging desired conduct and conditions and preventing what is undesired.  Organizations need to establish a mix of proactive, detective and responsive actions and controls, supported by strong analytics based on strategic objectives, risk appetite and capacity, and risk decision-making guidance established by leadership.

 

Developed by OCEG with contributions from MetricStream and Convercent.