TMCnet News
OCEG Releases Updated GRC Capability Model Open Source StandardsSCOTTSDALE, Ariz. --(Business Wire)-- OCEG, a nonprofit think tank, has released version 2.1 of its GRC Capability Model ("the Red Book"), which contains open source standards that organizations may use to improve governance, management and assurance of performance, risk and compliance plans and actions. "This update to the Red Book has benefitted from the input of hundreds of experts in the drafting of earlier versions, and from feedback provided by organizations that have applied it over the past eight years," says OCEG Chair Scott L. Mitchell. "With this revision, we clarify the integrated relationship between risk, compliance and performance management, and the governance, assurance and management of each." "We have also provided an open source share and share alikelicense for the Red Book," says OCEG President Carole Switzer, "which allows anyone to use and build upon the Red Book with open source expansions. This means, for example, that a company may import the standards into any software solution they want to use, or may build training materials around the standards. Not only that, but anyone may download a copy of the Red Book for free from the OCEG website." "The free and open source nature of the Red Book sets it apart from many other standards, which must be purchased for each use," says Mr. Mitchell, "and we hope that this model will be considered and followed by other standard issuing organizations." The OCEG Red Book is available for download at www.oceg.org/standards. Hard copies or spreadsheet versions may be purchased through the OCEG online store at www.oceg.org/catalog/standards-and-guides. A companion resource, the GRC Assessment Toolkit, is also available through the store. |
