GRC Audit: Live Focus Session

Highlights

• Learn the core principles and components of a GRC Audit framework
• Ask questions about the GRCA body of knowledge
• Prepare for the GRCA Exam

As oversight demands rise, many organizations still treat audit, risk, compliance, security, and privacy as separate programs with separate evidence, separate reporting, and separate “truths.” That fragmentation makes assurance harder, increases duplication, and leaves leaders without a clear view of what’s working, what’s weak, and what actually matters.

In this webinar, Adrian Resag will introduce the core concepts behind OCEG™’s GRC Auditor™ (GRCA™) certification and the capability-based approach that supports it. You’ll learn how to apply audit and assurance skills to evaluate established or planned GRC capabilities—and how to report meaningful strengths and weaknesses across governance, strategy, performance management, risk management, compliance, ethics, internal control, security, privacy, and audit activities.

We’ll also cover what “auditing GRC” looks like in practice: evaluating how well GRC capabilities are designed and operating, testing consistency across functions, and communicating results in a way that improves decisions—not just checklists.

This session is designed to be accessible for professionals at any stage—whether you’re an auditor expanding into enterprise GRC, a GRC leader who wants stronger assurance over capabilities, or a risk/compliance/security professional who needs a clearer, more audit-ready approach.

Who Should Attend

• Internal audit and assurance teams (including IT audit)
• GRC and governance program leaders
• Risk management and compliance professionals
• Information security and privacy professionals
• Control owners and operations leaders responsible for evidence, testing, and remediation

Speaker

Adrian Resag, Chief Academic Director, OCEG™