cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

OCEG?

Go to solution
Former Member

on ‎05-11-2009 3:38 PM

0 Kudos

Hi All,

Does anyone here worked with respect to OCEG Redbook guidelines. While googling for OCEG it was realised that SAP is also member of this organisation.

Now that SAP GRC has to be implemented the client wants us to be a member of this organisation, so wanted to understand if OCEG has any relelvance to SAP GRC.

Thanks

Show replies
Show replies
Answer

Accepted Solutions (1)

Accepted Solutions (1)

Former Member
‎05-12-2009 9:01 AM
0 Kudos

Hi,

There are three primary frameworks for risk management: COSOu2019s ERM requirements, Federal Sentencing Guidelines, and OCEGu2019s Red Book.

Please go through this link below,

http://www.compliancebuilding.com/2009/04/16/risk-assessment-getting-it-right/

may be this will answer your question.

Thanks,

Sudip.

Show replies
Show replies

Answers (1)

Answers (1)

Former Member
‎05-13-2009 7:54 AM
0 Kudos

Hi,

OCEG' Red book is about generic concepts on governance,risk and Control.SAP GRC has practically adopted the best practices in vogue.Certainly it would have adapted some of the OCEG's concepts.It is a not a precondition to be a member of OCEG to adapt its best practices.

Am sure that majority of the SAP GRC consultants with GRC implementation experience won't have any idea about this;for the simple reason that it is not our focus.Strictly thus as an implementer of SAP GRC you need not to know about this,though a knowledge of this will be helpful in terms of clarity of the concepts.

My 2 cents

Regards

Ramesh

Show replies
Show replies
Former Member
‎05-13-2009 7:58 AM
0 Kudos

Actually i too went through the Red book published in the OCEG and thought in the same directions, but wanted to get more ideas on this issue. Thanks for your inputs

Ask a Question