Governance, Risk and Compliance (GRC)

The Pathway to Principled Performance

If Principled Performance is the goal, then integrated GRC is the pathway to get there.

Improve GRC

Improve GRC

Plan, Assess, and Improve Your GRC

Integrating GRC capabilities is key to achieving Principled Performance. OCEG’s 2015 GRC Maturity Survey found that 25% of respondents had fully or substantially integrated GRC processes and technology, while 44% were still dealing with silos and disjointed GRC.No matter what the state of your GRC capabilities, OCEG can help.

Improve GRC

GRC Improvement

A great place to begin your GRC improvement project is the OCEG GRC Capability Model (Red Book). The model is created in collaboration with GRC industry experts, OCEG’s Solution Council and GRC professionals like you.

The Red Book provides a high-level overview of how integrated GRC capabilities help organizations achieve Principled Performance, and drills into the components, elements, and practices GRC professionals should consider when planning, assessing, and improving their GRC capabilities.

Drill Deeper with These GRC Improvement Tools

GRC Assessment Tool

To drill deeper into assessing your GRC capabilities, download the OCEG GRC Assessment Tool (Burgundy Book). The Burgundy Book gives you a common set of assessment procedures that align to the OCEG GRC Capabilities Model. You can use it to:

  • Evaluate an individual risk specific program (like anti-fraud or privacy)
  • Assess a single business unit or sub-capability (like risk management, hotline, or training)
  • Conduct a full-scale GRC capability review.

GRC Technology Solutions Guide

The OCEG GRC Technology Solutions Guide helps you and your IT teams plan and improve the application of technology solutions to achieve a successful GRC strategy (and enable your organization to achieve Principled Performance). The quantity, quality and expansive locations of information throughout an organization require an integrated and well-architected technology support structure for your GRC capabilities.

Benchmark Your GRC Capabilities

Where you stand, in relation to your peers and organizations like yours, can help you build a business case, and inspire executives and your board members to take action to improve your GRC capabilities. You can find benchmarking reports from OCEG surveys: 

Access GRC Standards, Tools, and Research

An OCEG All Access Pass opens the door to resources that will help you plan, assess, and improve your GRC capabilities. Learn more.

Get Started Kit

Need more information? Join OCEG (it’s free) and download our Get Started Kit that includes 4 helpful infographics:

  1. Pathway to Principled Performance
  2. The Business Case for Integrated GRC
  3. IT Roadmap for GRC
  4. About OCEG

GRC Helps People Like You

Use the acronym GRACE-IT to remember all of the roles that must work together to achieve Principled Performance

Learn how multiple roles work together