My colleague, Carole Switzer, President of OCEG, just did a fabulous post about some of the top questions we get about OCEG GRC certifications. I want to share it with you in case you have any of the same questions or are considering how to get certified in GRC.
I am also very excited to share that the GRC Professional certification has made some top lists itself, proving the value of getting certified as a GRC Professional:
- #5 of 18 Certifications Worth Having – from Global Knowledge: http://www.globalknowledge.com/training/generic.asp?pageid=3841
- Top 6 GRC Certifications – from CIO Magazine: http://www.cio.com/article/3005659/certifications/the-top-6-governance-risk-and-compliance-certifications.html#slide1
I’ve been getting a lot of questions lately about the GRC Professional Certification and the companion GRC Audit Certification. So, I thought I’d tackle them all at once. Here we go:
1. What is a GRC Professional?
An individual that spends substantial time helping an organization achieve principled performance by leading, planning, performing, enabling, integrating or auditing governance, performance management, risk management, internal control, compliance or ethics activities.
2. What is the GRC Professional Certification?
GRC Professional (GRCP) certification is the only credential that ensures understanding of the OCEG GRC Capability Model (Red Book). OCEG’s Red Book is the only true GRC capability model — and it is independent of a specific profession or vendor solution. In fact, OCEG is the organization that defined the concept of integrated GRC, and I helped write the model.
3. How do I get the GRCP certification?
You take an exam that is offered through the OCEG website. It is online and can be taken from anywhere at any time.
4. How do I prepare for the GRCP exam?
You prepare for the exam by studying the material. I’ve put together a course to help you get through the material quickly that you can access at: https://jasonmefford.teachable.com/p/training-to-obtain-your-grc-professional-grcp-certification/ and through cRisk Academy.
Over 90% of people who use this course pass the GRC Professional exam the first time. This course offers extra practice questions you can’t get any where else, so you know you are prepared to pass.
How do I know? I developed the training and exam, so I know exactly what you will be asked on the exam.
5. How much does it cost to get and maintain the GRCP certification?
The GRCP exam and certification is now available for those who have an OCEG All Access Pass. Basically, as long as you are a paid AAP member of OCEG you can qualify for and keep the GRCP credential.
6. How was the scope of the GRCP certification determined?
As a foundational certification, the GRCP exam tests a broad range of areas addressed in OCEG’s GRC Capability Model. These areas were determined by conducting an extensive job analysis of over 500 GRC Professionals in June 2010. Participants in the job analysis were asked to analyze over 200 skills and determine their significance to a GRC professional, executive or auditor. The job analysis and other research yielded a competency model that serves as a blueprint for the GRCP and GRCA.
7. What is a GRC Auditor?
OCEG defines a GRC Auditor as an individual who is proficient in using internal and external audit standards to audit GRC activities. This includes understanding, assessing, and evaluating key components, practices and activities to build and execute a risk-based audit plan for governance, performance management, risk management, internal control, compliance or ethics activities.
8. What is the GRC Audit (GRCA) Certification?
The GRCA certifies that an individual has the core understanding, skills, and competence to assess, evaluate and audit the performance of GRC activities and controls.
9. How do I get a GRC Audit Certification?
In order to qualify for the GRCA Certification an individual must:
- Be a GRCP in good standing (must pass the GRCP before moving on to GRCA)
- Complete an approved GRCA training class:
- Complete the GRCA application which includes:
- Professional license or certification verification
- Professional experience documentation
- Evidence of GRCA training completion
- 100-250 word description of GRC audit activities performed
- Maintain OCEG All Access Pass membership
10. Where can I get more information on GRCP and GRCA certifications for me or for my team?
Tell me a little more about your team by filling out the information on this page: http://meffordassociates.com/in-house-training-request/
I’ve taught top organizations all over the world how to integrate GRC capabilities and get certified.