GRC Illustrated Series: #3 IT Roadmap For GRC resource GRC Illustrated Member contributionOCEG Reviewed
GRC Illustrated Series: #16 How Do We Integrate IT to Enable GRC? resource GRC Illustrated OCEG Reviewed
Making GRC part of the DNA of your organization includes establishing a sound backbone of information technology to automate and enable GRC processes
Read more
GRC Technology Solutions Guide v. 2.1 resource Guides OCEG Reviewed
The GRC Technology Solutions Guide identifies and defines categories of technology that have a role in supporting the GRC system and specifically the Elements of the GRC Capability Model™. The Guide categorizes these Technology Categories by:
GRC Solutions Council group
The OCEG GRC Solutions Council develops tools, guidelines, frameworks and related resources designed to help all organizations align their IT resources with GRC capabilities. Membership in the Technology Council is only available to OCEG Enterprise Members. For more information and membership requirements, please contact techchair@oceg.org.
The OCEG GRC Solutions Council, comprised of corporate end-users and GRC software, information management and services providers.
OCEG GRC Blueprint Draft - V 0.4 resource Guides OCEG Reviewed
The Second draft revision of the OCEG GRC Blueprint
Read more
ISACA IS Standards, Guidelines and Procedures for Auditing and Control Professionals resource Guides OCEG Reviewed
GAIT for Business and IT Risk (GAIT-R) (The IIA, 2008) resource White Papers OCEG Reviewed
Introduction: GAIT for Business and IT Risk (GAIT-R) is a methodology for identifying all the key controls that are critical to achieving business goals and objectives. GAIT-R identifies the critical aspects of IT that are essential to the management and mitigation of organizational risk, generically described in this document as business risk. These critical IT functionalities and their corresponding risks can then be considered when planning audit work.
Read more
Email archiving UK law, regulations and implications for business (2007) resource White Papers OCEG Reviewed
The concept of information governance is not a new one, but the challenge posed by the sheer volume of information generated by email is. Even organisations with well-defined and well-enforced policies on the use of traditional communications have struggled to police electronic communications.
Free Registration Required for Download
Read more
Tools for Defense In-Depth: SANS What Works resource Case Studies OCEG Reviewed
WhatWorks is a user-to-user program in which managers from organizations that have implemented each of the effective internet security technologies tell a complete story of why they deployed it, how it works, how they know it actually improves security, what problems they faced, and what lessons they learned.
New tools and interviews are added monthly.
Read more
