GRC-XML Whitepaper resource White Papers OCEG Reviewed
This whitepaper addresses the need for, and pathway to, the development of GRC-XML, technical standards providing a common language for risk and controls. As the GRC-XML Jurisdiction (provisional) within the XBRL organization, OCEG is undertaking the development of these open standards.
"Understanding GRC-XML - A Primer on the Standard Taxonomy for GRC Technologies" event WebinarOCEGRecorded
Thursday December 10, 2009 2:00pm - 3:00pm
Have you heard of XBRL? Do you have trouble moving data from one GRC tool to another? Would you like to simplify the way you use technology and gain greater visibility into your organization's GRC information?
ISO/IEC 27006:2007 Order Page: Information technology -- Security techniques -- Requirements for bodies providing audit and certification of information security management systems (2007) resource Books / Publications OCEG Reviewed
ISO/IEC 27006:2007 specifies requirements and provides guidance for bodies providing audit and certification of an information security management system (ISMS), in addition to the requirements contained within ISO/IEC 17021 and ISO/IEC 27001. It is primarily intended to support the accreditation of certification bodies providing ISMS certification.
Read more
