12th - 16th June 2017 | 23rd - 27th October 2017 | 4th - 8th December 2017




Jason Mefford

Jason Mefford is a sought-after speaker, business trainer and coach on ethics, corporate governance, risk management, GRC, compliance and internal audit topics. He helps organizations think differently by becoming Principle Performers to help them reliably achieve their objectives, while addressing uncertainty and acting with integrity. He is currently the President of Mefford Associates, a professional training, coaching and boutique advisory firm, and is also a certified trainer and business coach.

Jason has spent many years training and coaching top business professionals all over the world, and is consistently rated as one of the leading experts and most effective speakers and trainers in the world. He is the author of Risk-Based Internal Auditing, and was a contributing author on the OCEG GRC Capability Model v3.0. He is also a fellow with the Open Compliance and Ethics Group (OCEG), a nonprofit think tank that uniquely helps organizations drive Principled Performance® by enhancing corporate culture and integrating governance, risk management, and compliance processes. The concept of Principled Performance® allows organizations to reliably achieve their objectives, while addressing uncertainty, and acting with integrity: the principles necessary for organizations to succeed over the long term.

Jason has been the chief audit executive at two different multi-billion-dollar manufacturing companies. His role also included being in charge of information security and being the Chief Ethics and Compliance Officer and Chief Risk Officer. Prior to that he was a manager at both Arthur Andersen and KPMG, performing internal and external audits and advisory services for clients in various industries. He was also a national instructor at both firms.

Jason is a Certified Internal Auditor (CIA), Certified Public Accountant (CPA), Governance, Risk Management and Compliance Professional (GRCP), GRC Auditor (GRCA), Certified Risk Based Auditor (CRBA), Certificate in Risk Management Assurance (CRMA) and Certified Internal Controls Auditor (CICA).

He is a member of the Institute of Internal Auditors (IIA) and has been an active IIA volunteer serving at the local and international level. He is currently an OCEG Fellow with the Open Compliance and Ethics Group (OCEG), a nonprofit think tank that uniquely helps organizations drive Principled Performance® by enhancing corporate culture and integrating governance, risk management, and compliance processes. He is also the Managing Director of GRC Certify, the certification body for OCEG.

He has been recognized by Yale University as a rising star in corporate governance, and was a finalist for the Corporate Secretary Magazine rising star in corporate governance award. Jason is a graduate of Boise State University (BBA, Accountancy) and the University of Southern California’s Marshall School of Business (MBA).

What is the GRC Professional Certification?

GRCP certification ensures that an individual has the core understanding of GRC processes and capabilities, and the skills to integrate governance, performance management, risk management, internal control, and compliance


Course Outline


• Introduction to OCEG
• The use of frameworks
• Available GRC individual certifications
• Business context and the need for a GRC approach and Principled Performance
• The “Big” picture of business illustration
• Defining Principled Performance
• Advantages of Principled Performance

Governance, Risk Management & Compliance Basics Module
• Defining common GRC terms
• GRC concepts
• GRC roles and responsibilities (e.g. audit, legal, human resources, IT compliance, risk management, ethics, the boards, etc…)
• Gaining commitment from senior management and the board
• Overview of the OCEG GRC Capability Model
• Implementing the OCEG GRC Capability Model at an organization

Learn Component
• Understanding the external context of your organization
• Understanding the internal context of your organization
• Understanding and assessing culture
• Understanding relevant stakeholders and developing a stakeholder relations plan

Align Component

• Setting direction and management decision-making criteria in accordance with mission, vision and values
• Defining high level and lower level objectives
• Identifying opportunities, threats and requirements for your organization
• Assessing levels of reward, risk and compliance on an inherent and residual basis
• Designing relevant actions and controls in order to respond to levels of reward, risk and compliance

Perform Component

• Determining the right mix of proactive, detective, and responsive internal controls
• Developing relevant policies and procedures
• Providing communication to the right people, in the right way, at the right time
• Delivering education to relevant individuals
• Designing and implementing appropriate incentives
• Designing notification methods to detect desired and undesirable events
• Designing inquiry methods to detect desired and undesirable events
• Responding to desired and undesirable events

Review Component

• Monitoring the GRC capability
• Providing assurance on the GRC capability
• Making improvements to the GRC capability

GRC Strategy

• Elements of a GRC strategic plan
• Completing risk and compliance assessments as a starting point
  o Fraud risk assessment
  o Organizational risk assessment
  o Compliance gap analysis
• Moving from the current state to desired state
• Degrees of integration and maturity models
• Building and explaining the business case for integrated GRC

GRC Professional Exam Preparation Module
• GRCP exam areas
• Exam resources
• Sample GRCP exam questions and answers


Through lectures and practical group interaction, discussions, and exercises, you will learn about:
• Defining a GRC strategy
• Integrating and improving corporate performance, risk and compliance programs
• Strengthening core business processes
• Improving use of technology to support the integrated governance, management, and assurance of performance, risk, and compliance.

There simply is no other training program that provides you with the skills, resources, and practical examples you need to help your organization improve its GRC capability by implementing the publicly vetted open source standards set out in OCEG’s GRC Capability Model.

At the heart of the seminar is the OCEG GRC Capability Model. Although various standards and frameworks exist to address discrete portions of governance, risk management and compliance issues, the OCEG GRC Capability Model is the only open standard that provides comprehensive and detailed practices for an integrated GRC capability.


Learning Objectives

• Develop a GRC strategic plan
• Successfully pass the GRC Professional certification exam
• Align governance, risk and compliance in context of the organization
• Understand, define, and enhance organizational culture as it relates to performance, risk, and compliance
• Implement effective, efficient and agile GRC processes using the OCEG GRC Capability Model
• Motivate and inspire desired conduct through the concept of Principled Performance
• Understand technology’s role in GRC
• Develop ongoing monitoring and continuous improvement of GRC activities through metrics and measurement
• How to explain the value of Principled Performance, and an integrated approach to GRC, to your management and board


Register & Attend

Early Registration: Qualify for a 10% discount

Early-bird PASS

  • Main keynote speeches
  • 10% discount
  • Price per delegate


  • Main keynote speeches
  • No discount
  • Price per delegate









Don't miss the event!