P4. Education

GRC Illustrated Series: #21 How Should We Educate and Communicate About Compliance Risks? resource GRC Illustrated OCEG Reviewed

As regulatory demands and cost-reduction pressures increase, executives want to know how compliance risk training and communication can be made more effective and more efficient.

BEST BUY GRC ACHIEVEMENT AWARD 2010 PRESENTATION resource Presentation Slides

A presentation of the BEST BUY project that won a 2010 OCEG GRC ACHIEVEMENT AWARD.

OCEG for Technology marketing
The OCEG Technology Council (TC) was formed to address strategic, operational and technical issues that professionals face when applying Information Technology to governance, risk, compliance (GRC) and ethics management. Technology Council members meet monthly in specialized working groups focused on GRC technology standards, implementation tools and taxonomy. The entire council convenes to review the progress of the working groups, discuss key issues facing GRC and IT professionals, and identify new technology program opportunities for OCEG.
Why is GRC important? blog

I have been blogging about what GRC is, advocating the definition developed by the Open Compliance and Ethics Group, OCEG (see this and subsequent posts). But, I haven’t really talked about why the concept of GRC has value.

Business Continuity Maturity Model® (BCMM®) resource OCEG Reviewed
The Business Continuity Maturity Model® (BCMM®) is a free open access tool created to assist businesses in building and maintaining a sustainable BC program. New standards for business continuity are continuously emerging, pressuring BC managers to find a business continuity program diagnostic tool that is objective, consistent and repeatable.
OCEG One Minute Poll: What is Your Strategy for Compliance Training & Technology? resource OMP - One Minute Poll OCEG Reviewed

Quick research poll of the OCEG worldwide membership. August 2009

AS8015-2005 - Australian Standard for Corporate Governance of Information and Communication Technology (ICT) resource International Materials OCEG Reviewed
The standard provides a framework through which "Directors", those to whom they turn for advice or those to whom they delegate responsibilities for managing the operations of the organisation, such as senior managers, technical specialists, vendors and service providers, can understand their obligations and work more effectively to maximise the return and minimise the cost of ICT to their organisations. AS8015 was adopted as ISO/IEC 38500 in May 2008.
SAI Global GRC Software

SAI Global’s GRC Platform provides a flexible software solution to manage and profile risks, compliance obligations, incidents and cases, policies, and learning across the organization. Specific applications include configurations for environmental, health and safety use and for bribery and corruption risk management. A full utilization of SAI Global's software enables integration with SAI Global's Learning & Communication Platform and a single view across highly decentralized global operations. This inevitably results in better use of human capital, reduced costs, increased transparency and improved business results. A partial list of solution components, deployable as standalone elements or integrated, includes risk assessment and profiling; obligations management; case and incident management; policy management; registries to manage gifts, hospitality, entertainment, facilitation payments and conflicts of interest; audit management; integration with hotline; and a fully configurable GRC Dashboard that integrates with learning and communication.

  • IT.02 - Board and Entity Management
  • IT.05 - Compliance Management
  • IT.11 - Environmental, Health, and Safety
  • IT.14 - Global Trade Compliance/International Dealings
  • IT.15 - Hotline/Helpline
  • IT.19 - Issue and Investigations Management
  • IT.22 - Policy Mgmt, Communication & Training
  • IT.23 - Privacy Management
  • IT.26 - Risk Management
  • IT.26 - Regulatory Intelligence and Monitoring
  • IT.28 - 3rd Party/Vendor Risk & Compliance
  • (C) Context
  • M1. Context Monitoring
  • P1. Proactive Actions & Controls
  • R1. Responsive Actions & Controls
  • D2. Notification
  • M2. Performance Monitoring
  • P2. Codes Of Conduct
  • R2. Internal Investigation
  • D3. Inquiry
  • P3. Policies
  • R3. 3rd Party Inquiry & Investigation
  • M4. Assurance
  • P4. Education
  • (O) Organize
  • (A) Assess
  • (I) Interact
Federal Sentencing Guidelines Manual §8B2.1. Effective Compliance and Ethics Program (2010) resource Agency Guidances Member contribution OCEG Reviewed

To have an effective compliance and ethics program, for purposes of subsection (f) of §8C2.5 (Culpability Score) and subsection (c)(1) of §8D1.4 (Recommended Conditions of Probation - Organizations), an organization shall -

COSO, Internal Control - Integrated Framework Guidance on Monitoring, Internal Control Systems, Volume III - Application Techniques (Exposure Draft, June 2008) resource Guides OCEG Reviewed
Public Comment Period Closed August 15, 2008. This volume (Application Techniques or Volume III) of COSO’s Guidance on Monitoring Internal Control Systems illustrates techniques used by organizations in applying principles outlined in Volume II (the Guidance). This material is designed to be useful to those seeking to apply internal control monitoring techniques.