OCEG Governance Risk and Compliance GRC

The OCEG community has spent over a decade perfecting best practices for GRC.  With the help of a panel of 100+ experts, OCEG studied 250+ organizations to document best practices in the GRC Capability Model. 

The GRC Capability Model was originally published in 2005 and has gone through several revisions. Each revision is led by Co-Chairs of a Steering Committee comprised of leading professionals from governance, risk management, audit, compliance, ethics/culture and IT.

Link to OCEG to learn more.  https://www.oceg.org/standards/

DRI’s Professional Practices for Business Continuity Management

The ten professional practices were created and are maintained by Disaster Recovery Institute International.  This is a body of knowledge designed to assist in the development, implementation, and maintenance of business continuity programs. It also is intended to serve as a tool for conducting assessments of existing programs.  Use of the framework can reduce the likelihood of significant gaps in a program and increase cohesiveness.

DRI is committed to providing information that addresses the following:

• Advances in technology
• Cyber threat considerations
• Utilizing insurance as a risk transfer tool
• Strategies for manufacturing
• Supply chain processing
• Risk management concepts
• Legal and regulatory concerns

Ten Professional Practices for Business Continuity Management

1. Program Initiation and Management

2. Risk Assessment

3. Business Impact Analysis

4. Business Continuity Strategies

5. Incident Response

6. Plan Development and Implementation

7. Awareness and Training Programs

8. Business Continuity Plan Exercise, Assessment, and Maintenance

9. Crisis Communications

10. Coordination with External Agencies

To learn more about the Professional Practices, go to https://drii.org/resources/professionalpractices/EN