Big Ideas In GRC
Select a section from the dropdown
  • OCEG is the global, nonprofit think tank that invented GRC and that promotes the attainment of Principled Performance the ability to reliably achieve objectives while addressing uncertainty and acting with integrity. OCEG informs and empowers a community of more than 65,000 members worldwide, helping to advance knowledge of how to integrate and mature governance, risk management, and compliance. Independent of specific professions and domains of risk, we provide content, best practices, education, and certifications to drive leadership and business strategy through the application of the OCEG GRC Capability Model. OCEG's GRC Professional (GRCP) and GRC Audit (GRCA) certifications are the only credentials that evidence an individual's capability to apply the GRC Capability Model and assist organizations in improving GRC. OCEG's GRC Capability Model (also known as the OCEG Red Book) provides open source standards, available for free. Founded in 2002, OCEG is headquartered in Phoenix, Arizona. To access the OCEG Red Book and for more information, visit
  • OCEG GRC Capability Model, v 3.0Available to All Users This Authority Document has 270 citations mapped to 209 UCF Common Control IDs. The document as a whole was last reviewed and released on 2017-06-29. Click HERE to access the document in the Common Controls Hub.
  • Contact Us

      First Name:

      Last Name:

      Email address:

      Tell us what you’re interested in, select all that apply:

      Send us your questions:

      This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.
    • November 2017

      Wednesday 11/08/17 | 10:00 am (PST) - 1:00 pm (PST)

      Do You Know What the Unified Compliance/OCEG Integration Means to You?

      Do you know how the integration of the OCEG CRG Capability Model (OCEG Redbook) into the Unified Compliance Framework® (UCF®) can help support your GRC efforts? Are you interested in having access to the OCEG Redbook?

      View More

      July 2017

      Thursday 07/13/17 | 8:00 am (PST)

      Taking Integration to the Next Level: Using the GRC Capability Model in the Unified Compliance Framework

      Satisfying a myriad of regulatory compliance requirements and fulfilling obligations imposed by a wide range of standards, frameworks and guidance is a challenging task, but it is essential if you are striving for Principled Performance.

      View More

    • Upcoming Events