GRC Training

Mefford Associates is the premier GRC training company in the world. In fact, we are one of the few organizations authorized to teach GRC using methodology and resources from OCEG, the organization that invented GRC.

GRC is about designing and implementing a collection of integrated capabilities, to allow your organization to reliably achieve its objectives, while addressing uncertainty, and acting with integrity. It is not another way to do compliance. It is not enterprise risk management. It is not a technology solution. While these are important, GRC is really about Principled Performance®.

Our founder and president, Jason Mefford is a Fellow with OCEG, and has spent years teaching and helping top organizations all over the world design and implement integrated GRC capabilities.

We understand GRC better than the rest. Since GRC is a hot topic, there are many organizations claiming to teach GRC. Ensure your training is of the highest quality, by trusting your learning of GRC to us.

But don't just take our word for it. Scroll down to see testimonials from our satisfied clients.

Interested in an In-House GRC Training for your Team?

In-House Training Request Form

Is GRC Training Right for You?

Industry Recognition For The GRC Professional Certification

The GRC Professional certification is the best GRC certification to have if you are a professional working in GRC.  It is backed by OCEG, the organization that invented GRC, and has received industry recognition from the following sources:

  • The Top 6 Governance, Risk and Compliance certifications – CIO Magazine
CIO Magazine
  • Governance Defined: What it is, Why it’s Important, and Which Certs Can Help - Certification Magazine
Certification Magazine
  • 18 Certifications Worth Having - Global Knowledge
Global Knowledge

Not Sure if GRC Training is Right for You?

  • Are you new to a GRC role at your organization?
  • Do you need to develop, or improve your plan for dealing with GRC in an integrated manner?
  • Are you interested in adding a valuable individual certification to your resume or CV?
  • Do you want to network with other companies trying to implement integrated GRC capabilities?
  • Would you like practical tools you can apply at your organization, the day you get back from training?
  • Would you like some free advice and help from an internationally recognized expert in GRC who helped author the OCEG GRC Capability Model?
  • Do you work in one of the key GRC capability areas like: risk management, internal audit, compliance, governance, legal, human resources, or IT?

If you answered yes to any of those questions, GRC training apply to you.

What are you waiting for?  Sign up today and you will be one step closer to having your questions answered.



Let us design a GRC training for your organization,
or choose from our most popular trainings:

The GRC Professional training seminar is the best, interactive course available, to teach how to efficiently design and enhance GRC capabilities within your organization, based on the only established international GRC standards.

This program also prepares you to enhance your professional credentials by taking the GRC Professional certification exam, offered by OCEG's affiliate organization, GRC Certify.

In fact, over 90% of participants pass the GRC Professional exam on their first attempt!

Designing & Implementing an Integrated GRC Capability

At the heart of this training is the OCEG GRC Capability Model. Although various standards and frameworks exist to address discrete portions of governance, risk management and compliance issues, the OCEG GRC Capability Model is the only open standard that provides comprehensive and detailed practices for an integrated GRC capability.

Organizations can use the GRC Capability Model to address a broad GRC program across the organization or develop a structure within the various capabilities of GRC (e.g., legal, compliance, risk management, human resources, internal audit). The goal is to make GRC processes more effective, efficient, and agile to the needs of the organization.

The GRC Audit training seminar is an interactive course that teaches how to efficiently audit a GRC capabilities within your organization, based on the OCEG GRC Capability Model (Red Book) and the OCEG GRC Assessment Toolkit (Burgundy Book).

This program also prepares you to enhance your professional credentials by fulfilling the training requirement for obtaining the GRC Audit certification, offered by OCEG's affiliate organization, GRC Certify.


Custom In-House Training

Let us create a custom GRC training for your organization based on your particular needs. We can provide more in-depth training on any of the component of the OCEG GRC Capability Model (Red Book) or the OCEG GRC Assessment Toolkit (Burgundy Book).

Sign Up for Jason Mefford's Newsletter

Register now to get regular updates and to be notified about upcoming training sessions.

We value your privacy and would never spam you

OCEG GRC Capability Model

The OCEG GRC Capability Model (or Red Book) helps GRC professionals plan, assess, and improve their GRC capabilities in order to achieve Principled Performance. Principled Performance is the healthy and vigorous state of being that enables organizational success. It can only be achieved by integrating and aligning information and core functions, and supporting them with strong communication, effective technology, and development of the desired culture.

Our GRC training courses teach how to apply the OCEG GRC Capability Model at an organization to develop an integrated GRC capability.

Mefford Associates is an authorized training partner of OCEG, and the only place you can get this valuable training based on the OCEG GRC Capability Model.


What People Are Saying About Our GRC Training

I participated Jason Mefford’s GRC Professional training. In addition to being such an enjoyable and great experience itself, the training provided me with a variety of new tools and ideas how to manage and promote GRC and ethics in our organization. Although I had been working with similar kind of topics for more than 10 years before the training, the new way how to combine, present and explain GRC to different organizations and in different contexts really supported my work.

Jyri Wesanko
TeliaSonera Group

This training provided me with information that helps me see the bigger picture.  It will be valuable in both the performance of my job, but also in building on my professional skills. I plan to share the GRC model with my team and use it when approaching new projects. I actually feel confident that I could set up a new GRC program at a company using my current experience and this model.I really enjoyed the course and Jason's presentation.  I would highly recommend this training to all levels of GRC professionals.

Stuart McNeill
Oil States International

I took a Governance, Risk Management & Compliance (GRC) training with Jason and was impressed with his level of knowledge, creativity in teaching, and, after I took his course, I passed the GRCP certification exam without problems. I would highly recommend him for a high-value and fun GRC training.

Lubna Maria Elia
Root Capital

Jason has great facilitation skills. The sharing of real-life experiences by Jason and the course participants enhanced the whole learning experience.

Patricia Jalleh
Enterprise Risk Asia

The professional interactions among, and exchange of information between participants was so valuable.  The program information is invaluable in helping me share and implement GRC capability concepts.

Stella Acosta
Motor Car Parts of America

Jason’s approach is to allow the exploration of ideas and concepts while still sticking to the agreed material and timescales. The addition of real life experience really brings to life the application of OCEG principles.

Alex Hollis
EMC / RSA

About Mefford Associates

Mefford Associates is a professional training, coaching, and boutique advisory firm focusing on corporate governance, risk management, compliance, GRC, internal controls, and internal audit. We are an authorized training partner of OCEG and provide both public and in-house sessions of the GRC Professional training all over the world.

Our founder, Jason Mefford is a sought after adviser and speaker on ethics, corporate governance, GRC, compliance and internal audit topics.

Jason has spent years teaching business professionals all over the world, and is consistently rated as one of the leading experts and most effective trainers in the world.  He is also the author of a book on Risk-Based Internal Auditing and was a contributing author on the OCEG GRC Capability Model v3.0.

About OCEG

OCEG is a global, nonprofit think tank and community. We inform, empower, and help advance over 60,000 members on governance, risk management, and compliance (GRC).

www.oceg.org