CA on Governance, Risk and Compliance (GRC)
- Insights and observations on happenings in the GRC market
Sumner Blount offers up his view on key take-aways from the OCEG Luncheon with Scott Mitchell at the recent CA World event.
At the CA World conference recently, I attended a luncheon in which the featured speaker was Scott Mitchell, the CEO of the Open Compliance and Ethics Group (OCEG).
OCEG has emerged as a leading organization in the effort to improve and establish consistency of GRC activities among large enterprises. OCEG currently has over 19,000 members, and they have made significant progress in establishing and promulgating industry best practices for GRC. The OCEG web site - www.oceg.org - provides a wealth of useful GRC information, and the GRC Framework, also known as the Red Book, is increasingly considered an industry best practice for GRC initiatives.
Scott covered a broad range of topics during his talk. There was one that was particularly compelling from my point of view. In discussing the need for a unified approach to managing risk and compliance, he emphasized the following key business drivers:
1. The high cost of information silos – siloed approaches to risk and compliance result in redundant activities and high total compliance costs.
2. The high costs of poor information quality – the lack of a “single source of truth” for risk and compliance information can reduce the effectiveness and quality of decision-making.
3. The high costs of getting it wrong – an ineffective risk and compliance program can, and does, result in loss of corporate reputation, increased business interruption, and reduced employee productivity.
He had several interesting anecdotal examples of the power and impact of these business drivers. Space precludes me from summarizing the whole talk, but if you email me, I will be happy to send you his slides.