Menu Close Menu

Menu

Account
Premium

LeanGRC® Policy Management

Download eBook

Policy management sets the tone to streamline governance, risk and compliance processes.

Policies are the lifeblood of a company’s governance activities. They establish expectations that not only advance business interests, but also help prevent events or behaviors that hinder the achievement of business goals. Let’s consider how the principles of LeanGRC® can be applied to the critical function of setting and enforcing corporate policies.

A policy is a statement that embodies the goals and behavior that the company wants to instill in its employees and business partners. Policies change with new regulatory requirements, business goals and risk tolerances.

Of course, we know that policies are not all equal. A policy that prohibits employees from bribing governmental officials requires stronger controls to support and enforce it than a policy that does not relate to compliance with law and is less critical to successful operation of the business. The application of LeanGRC® principles to policy management helps in the determination of how to allocate resources to support and enforce various policies.

Featured in: GRC Capabilities , GRC Capabilities

Related Resources
Back to top
OCEG © 2002 - 2024 OCEG

Terms of Service

Privacy Policy

Refund Policy

support@oceg.org

Contact Us

Information & Billing
+1 (602) 234-9278

Principled Performance, Driving Principled Performance, Putting Principles Into Practice, OCEG, GRC360°, ActiveLearning, EventDay and LeanGRC are registered trademarks of OCEG.

Protector Skillset, Protector Mindset, Protector Code, Lines of Accountability, GRC Professional, GRCP, GRC Fundamentals, GRC Auditor, GRCA, GRC Audit Fundamentals, Data Privacy Fundamentals, Integrated Data Privacy Professional, IDPP, Policy Management Fundamentals, Integrated Policy Management Professional, IPMP, Integrated Audit & Assurance Professional, IAAP, Integrated Governance & Oversight Professional, IGOP, Integrated Strategy & Performance Professional, ISPP, Integrated Risk Management Professional, IRMP, Integrated Decision Management Professional, IDMP, Integrated Compliance & Ethics Professional, ICEP, Integrated Business Continuity Professional, IBCP, Integrated Information Security Professional, IISP are trademarks of OCEG.