My good friends at OCEG have shared a new document, A Practical Guide About GRC Metrics and Measurement.
It is “designed primarily for risk, compliance and audit executive”.
But, GRC (as defined by OCEG) is “the integrated collection of capabilities that enable an organization to reliably achieve objectives, address uncertainty and act with integrity”.
As the Guide says, a major part of GRC is about “break[ing] down silos between governance, strategy, performance management, risk management, compliance management, internal audit and other departments”.
Every part of the…
