ISACA/ITGI Responses to Exposure Drafts from Regulators and Standards Setting Bodies

ISACA's response to OCEG's "Red Book" Exposure Draft is contained on the following link. The Red Book sets out the GRC Capability Model, which takes an integrated and holistic approach to Corporate governance, risk management and compliance. ISACA generally expressed support for the document and a willingness to work with OCEG in further development of the project. Their comments do highlight some inconsistencies in the treatment of IT controls in the Red Book, and recommend a clarification of its message. ISACA/ITGI Responses to Exposure Drafts from Regulators and Standards Setting Bodies