on 05-11-2009 3:38 PM
Hi All,
Does anyone here worked with respect to OCEG Redbook guidelines. While googling for OCEG it was realised that SAP is also member of this organisation.
Now that SAP GRC has to be implemented the client wants us to be a member of this organisation, so wanted to understand if OCEG has any relelvance to SAP GRC.
Thanks
Hi,
There are three primary frameworks for risk management: COSOu2019s ERM requirements, Federal Sentencing Guidelines, and OCEGu2019s Red Book.
Please go through this link below,
http://www.compliancebuilding.com/2009/04/16/risk-assessment-getting-it-right/
may be this will answer your question.
Thanks,
Sudip.
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
Hi,
OCEG' Red book is about generic concepts on governance,risk and Control.SAP GRC has practically adopted the best practices in vogue.Certainly it would have adapted some of the OCEG's concepts.It is a not a precondition to be a member of OCEG to adapt its best practices.
Am sure that majority of the SAP GRC consultants with GRC implementation experience won't have any idea about this;for the simple reason that it is not our focus.Strictly thus as an implementer of SAP GRC you need not to know about this,though a knowledge of this will be helpful in terms of clarity of the concepts.
My 2 cents
Regards
Ramesh
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.