About the Certified Program
The Governance, Risk & Compliance Professional (GRCP®) certification, offered by OCEG (Open Compliance & Ethics Group), is a foundational credential that validates broad-based knowledge in governance, risk management, and compliance (GRC). The certification confirms a professional’s ability to align GRC capabilities with business objectives, improve decision-making, and enhance organizational performance.
The GRCP® equips candidates with a holistic understanding of how to integrate and optimize GRC processes and systems, enabling organizations to manage uncertainty and meet stakeholder expectations effectively.
Learning Objectives
Upon successful completion of the GRCP® program, candidates will be able to:
Understand GRC Principles and Frameworks
- Define key terms, principles, and concepts in governance, risk management, and compliance
- Understand the OCEG GRC Capability Model (Red Book) and its components
- Explain the benefits of an integrated GRC approach over siloed efforts
Establish Effective GRC Governance
- Develop governance structures that promote accountability and oversight
- Define roles, responsibilities, and reporting lines in a GRC framework
- Align organizational objectives with stakeholder expectations and risk appetite
Implement Risk Management Practices
- Identify and assess risks across strategic, operational, financial, and compliance areas
- Design controls and response strategies to mitigate and monitor risks
- Integrate risk awareness into decision-making processes
Design and Integrate Compliance Programs
- Map regulatory requirements to policies, controls, and business activities
- Develop compliance programs that are proactive and responsive
- Promote ethical conduct and a culture of compliance
Enable GRC Capability Across the Organization
- Integrate governance, risk, and compliance into everyday business operations
- Establish communication and training strategies to promote GRC awareness
- Leverage technology and data analytics to support continuous improvement
Exam Information
- Format: Multiple-choice questions (online, open-book)
- Total Questions: 100
- Duration: 2 hours
- Delivery: Online via OCEG’s certification platform
Eligibility
- No formal prerequisites
- Recommended for professionals with foundational exposure to governance, risk, or compliance concepts
- Ideal first step before pursuing advanced OCEG credentials (e.g., GRCA®)
Curriculum
- 4 Sections
- 12 Lessons
- 120 Minutes
- Learn and Align3
- Perform and Review3
- Review and Improve3
- Design and Build3
Target audiences
- The GRCP® is designed for professionals involved in implementing or supporting governance, risk, and compliance efforts, including:
- Compliance Officers and Program Managers
- Risk Management Professionals
- Internal Auditors
- Legal, Ethics, and Regulatory Staff
- Information Security and Data Governance Personnel
- Corporate Governance Advisors and Board Support Staff