If you are a professional working the area of governance, risk management, compliance, internal audit, or any other function that is an integral part of a GRC capability, you owe it to yourself to get personally certified as a GRC Professional. It is actually much easier to get certified than you might expect. OCEG, the …
Author Archives: Jason Mefford
Risk Based Internal Auditing
In this course about risk-based internal audit you will learn … What risk-based internal auditing is and what its not. The Risk-Based Internal Audit Model – only available in this course. Risk management basics. How to transform your internal audit activity to a truly risk-based function. How to develop a risk-based internal audit plan. Get …
Information and Answers about the CIA Exam
I teach many CIA exam review courses and get asked a lot of questions about the exam. Here is some detailed information about the test itself, the requirements to become a CIA, on-going CPE requirements, and information about the scoring of the exam. For more up-to-date information make sure to check out the Mefford CIA …
Continue reading “Information and Answers about the CIA Exam”
Lessons from Winnie the Pooh on Risk Assessments
Here is information from a recent article I wrote for Compliance Week entitled: “Lessons from Winnie The Pooh on Risk Assessments — Using an integrated GRC approach to risk assessments and risk-based audit planning.” Lessons from Winnie The Pooh on Risk Assessments Using an integrated GRC approach to risk assessments and risk-based audit planning by …
Continue reading “Lessons from Winnie the Pooh on Risk Assessments”
Questions about Risk Based Internal Audit
I have a couple of exciting things to share with you. First, I am close to finishing my new book on Risk Based Internal Audit, and anticipate it will be ready for purchase in the next couple of months. Stay tuned for the announcement when it is ready. Learn more about how you can become …
Continue reading “Questions about Risk Based Internal Audit”
Is My Company Compliant with the Revised Federal Sentencing Guidelines?
Not all organizations are required to have a governance, risk management and compliance (GRC) system that incorporates the Sarbanes-Oxley Act (SOX) or Dodd-Frank, but every organization should conform with the Federal Sentencing Guidelines for Organizations (FSGO). Not having an ethics and compliance program that conforms to the FSGO can cost your organization significantly more when …
Continue reading “Is My Company Compliant with the Revised Federal Sentencing Guidelines?”
Is there value in getting professional certifications?
Companies value professionals who proactively seek opportunities to develop their skills and expertise. One of the best ways for individuals to demonstrate their commitment to career growth is by pursuing industry-recognized certifications. Earning professional designations can provide numerous benefits, including improved career prospects and enhanced earning power. According to the Robert Half 2008 Salary Guide, …
Continue reading “Is there value in getting professional certifications?”
Can Internal Audit Rely on Risk Management’s Risk Assessment for Audit Plan?
I have been asked the following questions about relying on a risk assessment performed by the risk management function. Here are the questions and answers: QUESTION #1. Who conducts the annual risk assessment used for establishing a risk-based plan to determine priorities of the internal audit activity? and QUESTION #2. Is this a risk assessment …
Continue reading “Can Internal Audit Rely on Risk Management’s Risk Assessment for Audit Plan?”
What GRC certifications are available?
OCEG is the largest and most respected GRC professional organization in the world, with over 40,000 member. Through its sister organization GRC Certify, GRC professionals can obtain individual certifications. This is an amazing opportunity to prove your GRC competence and add another designation to your resume. There are currently two certifications offered: GRC Professional, and …
Do you need GRC training in 2014?
Plan your CPE for 2014 to include getting a GRC Professional certification. By attending a GRC Professional seminar you not only get CPE and valuable information to help you in your GRC capability, but you also learn what you need to successfully pass the GRC Professional certification exam. At the end of this seminar you …
