What is it?

The GRC Capability Model is the core GRC standard that provides:

• Unified vocabulary across disciplines
• Defined common components and elements
• Defined common information requirements
• Standardized practices for things like policies and training
• Identified communication for everyone involved; including strategic decision-makers

3.5 is being translated now! We have the following languages available for previous version 3.0:

Access GRC Capability Model 3.5

What is it?

The GRC Assessment Tools provides everything you need to assess or audit GRC Capabilities including:

• Helps organizations evaluate the design and operating effectiveness of their GRC capabilities
• Reduces the cost of such evaluations by eliminating the time and expense of creating procedures
• Provides standard methods for external judgment and recognition of sound practices
• Offers a review process that enables creation of prioritized improvement plans
• Raises the level of maturity and quality of GRC capabilities in all organizations

Access GRC Assessment Tools

Quickly learn, master, and apply the principles and practices you need to support your organization. Follow a proven blueprint to build your Policy Management Program.

Developed by the OCEG team and vetted by an international review board of policy management professionals, the Policy Management Capability Model is a definitive standard that can be used and updated by anyone for free.

Access Policy Management Capability Model

Quickly learn, master, and apply the principles and practices you need to support your organization. Follow a proven blueprint to build your Data Privacy Program.

Developed by the OCEG team and vetted by an international review board of data privacy professionals, the Data Privacy Capability Model is a definitive standard that can be used and updated by anyone for free.

Access Data Privacy Capability Model