OCEG Red Book, GRC Capability Model, Framework v2
www.oceg.org
P1: Codes of Conduct [Ethics Code]
“Implement a code of conduct for the Board, the workforce and the extended enterprise.”
Practice P1.1 Develop the Code of Conduct, Sub-Practice 13:
“Provide for the code of conduct to address:
– compliance with all applicable laws and regulations,
– conflicts of interest,
– proper use of corporate property, information and opportunities,
– fair treatment in business dealings,
– transparency, timeliness and accuracy of public disclosures and regulatory reporting,
– prompt internal reporting of violations,
– accountability for adherence to the code provisions,
– substance abuse,
– political contributions and activities,
– the importance of ethical values and principles in decision making,
– the importance of asking questions and raising issues when concerns exist,
– how to report misconduct,
– how to report incidents and ask questions, and
– a guarantee of non-retaliation for reporting incidents.”
P4 Awareness and Education [Ethics Awareness and Ethics Training]
Principle 01 “Awareness, education and ongoing support enables individuals to:
– know what is expected,
– reduce the likelihood of errors and criminal behavior, and
– be comfortable about reporting misconduct or GRC system flaws.”
D1 Hotline and Notification [Ethics Hotline]
“Provide multiple pathways to report suspicions or incidents of noncompliance or unethical conduct, or to identify concerns about GRC system weaknesses.”