Capability Certification

Do you want to demonstrate to your board that your GRC Capability, or some aspect of your capability is appropriately designed to prevent, detect and correct misconduct and non-compliance?

Do you want assurance that your organization has a well planned and implemented approach to the integration of governance, risk management and compliance (GRC) which enables Principled Performance™?

Do you want to show your stakeholders that you are following a publicly vetted and accepted framework of standards for GRC that strengthens your business performance while protecting and growing value?

Then you should obtain OCEG’s GRC Capability Assessment and Certification program.

Goals of the GRC Capability Assessment and Certification program:

  • Help organizations evaluate the design and operating effectiveness of their GRC systems.
  • Reduce the cost of such evaluations by eliminating the time and expense of creating custom review procedures.
  • Raise the overall level of maturity and quality of organizational GRC globally by helping individual organizations create their prioritized improvement plans.
  • Provide external judgment and recognition of sound practices.

GRC Capability Certification will be provided by OCEG based upon the findings in a qualified third-party report using the GRC Assessment Tools (Burgundy Book)

The OCEG GRC Capability Assessment and Certification program is designed to be scalable to a review of individual risk-specific programs (i.e., anti-fraud program, privacy program, etc.), discrete business units, sub-capabilities (i.e., hotline, risk management, values management, training, etc.) or at an enterprise level.