New GRC architecture certification coming soon
To promote its Red Book standard for GRC processes, the OCEG will be adding another certification program. The think tank and standards organization already offers two: a capability certification for companies bent on demonstrating the soundness of their GRC programs and an individual certification for employees that want to demonstrate their savvy in this area. In 2014, the group is expected to launch a "Certified GRC Enterprise Architect" designation.
GRC architecture is expected to be the next phase of GRC maturity for many companies, especially those that are well beyond establishing basic risk and compliance programs, according to Carole Switzer, OCEG co-founder and president. The goal is to provide "industry definitions and certifications will help organizations align strategy, process, information, and technology across the business."
A committee headed by Patrick Wells, director of Business Development at MEGA, will first develop a common body of knowledge aligned to the OCEG GRC Capability Model (Red Book). This will form the foundation for the training and certification program.
The first step for this initiative was taken this month with an OCEG survey to risk and compliance professionals, auditors, chief risk officers, compliance directors, enterprise architects, CIOs and CEOs. The survey results will help shape the direction of the program.
As soon as the survey results are analyzed, the group will add new members and immediately begin work to design an industry-wide definition of GRC architecture and the corresponding common body of knowledge.