GRC Professional Training

The GRCP training course provides participants with the core understanding of GRC processes and capabilities, and the skills to integrate governance, performance management, risk management, internal control, and compliance activities. It gives assurance that the Compliance Professional has core knowledge, skills and understanding of managing and advising on risk, internal controls, key compliance matters and functions compliance, and how these must be integrated for effective and appropriate governance.

On this course, participants will be prepared for the OCEG GRC examination. Participants who wish to pursue the certification may sit for the examination offered separately by OCEG after this training course. Examination voucher can be purchased at a special rate from our training partner Straits Interactive. More details about the examination voucher will be shared on the last day of the course.

The GRCP training course covers the following topics:

• Introduction

1. Introduction to OCEG
2. The use of frameworks
3. Available GRC individual certifications
4. Business context and the need for a GRC approach and Principled Performance
5. The "Big" picture of business illustration
6. Defining Principled Performance
7. Advantages of Principled Performance

• Governance, Risk Management and Compliance Basics Module

1. Defining common GRC terms
2. GRC Concepts
3. GRC roles and responsibilities (e.g. audit, legal, human resources, IT, compliance, risk management, ethics, the boards etc.)
4. Gaining commitment from senior management and the board
5. Overview of the OCEG GRC Capability Model
6. Implementing the OCEG GRC Capability Model at an organisation

• Learn Component

1. Understanding the external context of your organisation
2. Understanding the internal context of your organisation
3. Understanding and assessing culture
4. Understanding relevant stakeholders and developing a stakeholder relations plan

• Align Component

1. Setting direction and management decision-making criteria in accordance with mission, vision and values
2. Defining high-level and lower-level objectives
3. Identifying opportunities, threats and requirements for your organisation
4. Assessing levels of reward, risk and compliance - inherent and residual basis
5. Designing relevant options and controls in order to respond to levels of reward, risk and compliance

• Perform Component

1. Determining the right mix of proactive, detective, and responsive internal controls
2. Developing relevant policies and procedures
3. Providing communication to the right people, in the right way, at the right time
4. Delivering education to relevant individuals
5. Designing and implementing appropriate incentives
6. Designing notification methods to detect desired and undesirable events
7. Designing inquiry methods to detect desired and undesirable events
8. Responding to desired and undesirable events

• Review Component

1. Monitoring the GRC capability
2. Providing assurance on the GRC capability
3. Making improvements to the GRC capability

• GRC Strategy

1. Elements of a GRC strategic plan
2. Completing risk and compliance assessments as a starting point - Fraud risk assessment, Organisational risk assessment, Compliance gap analysis
3. Moving from the current state to desired state
4. Degrees of integration and maturity models
5. Building and explaining the business case for integrated GRC

• GRC Professional Exam Preparation Module

1. GRCP exam areas
2. Exam resources
3. Sample GRCP exam questions and answers