Technology Council group
The OCEG Technology Council develops tools, guidelines, frameworks and related resources designed to help all organizations align their IT resources with GRC capabilities. Membership in the Technology Council is only available to OCEG Enterprise Members. For more information and membership requirements, please contact techchair@oceg.org.
The OCEG Technology Council, comprised of corporate end-users and GRC software, information management and services providers.
CSO Security and Risk Magazine Archive resource Books / Publications OCEG Reviewed
CSO publishes articles and white papers about isues that include network security, privacy, identity management and theft, preparedness, employee protection, leadership, compliance, and fraud.
Read more
AICPA, Trust Services Principles, Criteria and Illustrations for Security, Availability, Processing Integrity, Confidentiality, and Privacy (Including WebTrust® and SysTrust®) (2006) resource Guides OCEG Reviewed
The Trust Services Principles, Criteria, and Illustrations present criteria established by the Assurance Services Executive Committee of the AICPA for use by practitioners when providing attestation services on systems in the subject matters of security, availability, processing integrity, privacy, confidentiality, and certification authorities.
Read more
ISM3 Model V2.1 Overview resource Presentation Slides OCEG Reviewed
The July 29, 2008 GRC Roadmap Work Group Overview of ISM3, Delivered by Vicente Aceituno
Read more
ISM3 Model V 2.0 resource Guides OCEG Reviewed
The Information Security Management Maturity Model from the ISM3 Consortium
Read more
Information Security Forum resource Organizations & Associations OCEG Reviewed
The Information Security Forum (ISF) is an independent authority on information security.
Read more
MENTISoftware Becomes the Latest Member of the OCEG Technology Council- OCEG News
news
New York, NY and Phoenix, AZ – February 14, 2008— MENTISoftware (MENTIS) and The Open Compliance and Ethics Group (OCEG) today announced that MENTIS, a thought leader and software solutions provider in the GRC landscape, has joined the OCEG Technology Council as the newest corporate member. MENTIS is excited to contribute their experience in automated strategic controls, compliance management, and audit software to OCEG’s extensive GRC technology programs and initiatives – which are focused on improving compliance, risk and policy management capabilities.
Read more
Governing for Enterprise Security Implementation Guide (GES) resource Guides Member contributionOCEG Reviewed
This guide is designed to help business leaders implement an effective program to govern information technology (IT) and information security. Our objective is to help you make well-informed decisions about many important components of GES such as adjusting organizational structure, designating roles and responsibilities, allocating resources (including security investments), managing risks, measuring results, and gauging the adequacy of security audits and reviews.
Read more
New Reality: Response to 21st Century Threats, The (2007) resource Articles Member contributionOCEG Reviewed
Today’s demands prompt the need for careful examination of a company’s readiness to deal with the unexpected and undetected. New thinking must go far beyond traditional crisis communications planning. No company can feel secure following the paths of the past.
Read more
Workplace Violence Prevention and Response Guideline (2005) resource White Papers Member contributionOCEG Reviewed
The Workplace Violence Prevention and Response Guideline applies to both private and public sector organizations.
Read more
