menu
Big Ideas In GRC
Select a section from the dropdown
  • OCEG is the global, nonprofit think tank that invented GRC and that promotes the attainment of Principled Performance the ability to reliably achieve objectives while addressing uncertainty and acting with integrity. OCEG informs and empowers a community of more than 65,000 members worldwide, helping to advance knowledge of how to integrate and mature governance, risk management, and compliance.

    Independent of specific professions and domains of risk, we provide content, best practices, education, and certifications to drive leadership and business strategy through the application of the OCEG GRC Capability Model. OCEG's GRC Professional (GRCP) and GRC Audit (GRCA) certifications are the only credentials that evidence an individual's capability to apply the GRC Capability Model and assist organizations in improving GRC.

    OCEG's GRC Capability Model (also known as the OCEG Red Book) provides open source standards, available for free. Founded in 2002, OCEG is headquartered in Phoenix, Arizona. To access the OCEG Red Book and for more information, visit www.oceg.org.

  • OCEG GRC Capability Model, v 3.0Available to All Users

    This Authority Document has 270 citations mapped to 209 UCF Common Control IDs. The document as a whole was last reviewed and released on 2017-06-29.

    Click HERE to access the document in the Common Controls Hub.

  • Contact Us

    First Name:

    Last Name:

    Email address:

    Tell us what you’re interested in, select all that apply:

    Send us your questions:

  • November 2017

    Wednesday 11/08/17 | 10:00 am (PST) - 1:00 pm (PST)

    Do You Know What the Unified Compliance/OCEG Integration Means to You?

    Do you know how the integration of the OCEG CRG Capability Model (OCEG Redbook) into the Unified Compliance Framework® (UCF®) can help support your GRC efforts? Are you interested in having access to the OCEG Redbook?

    View More

    ACTIONS

    Launch Webinar

    July 2017

    Thursday 07/13/17 | 8:00 am (PST)

    Taking Integration to the Next Level: Using the GRC Capability Model in the Unified Compliance Framework

    Satisfying a myriad of regulatory compliance requirements and fulfilling obligations imposed by a wide range of standards, frameworks and guidance is a challenging task, but it is essential if you are striving for Principled Performance.

    View More

    ACTIONS

    Launch Webinar

    • 05/10/18
      GDPR and Breach Notification: Is the Boogeyman Really Coming for You?

      When Good Enough Really Is. . .  Good Enough If you are struggling with GDPR compliance, you need to join us for a webinar that will help you streamline your GDPR preparations into a manageable …

      Read More
    • 03/01/18
      Do You Know What the Unified Compliance/OCEG Integration Means to You?

      Do you know how the integration of the OCEG CRG Capability Model (OCEG Redbook) into the Unified Compliance Framework® (UCF®) can help support your GRC efforts?  Are you interested in having access to the OCEG …

      Read More
  • Upcoming Events