Skip survey header

OCEG GRC Maturity Survey 2025

The OCEG 2025 GRC Maturity Survey

A self-guided assessment to GRC excellence

Maturity Scale Definition
Throughout the survey, use this maturity scale as referenced in the GRC Capability Model*:
  • Level 1 - Initial: Practices are improvised, ad hoc, and often chaotic.
  • Level 2 - Managed: Practices are defined and managed, though sometimes informally.
  • Level 3 - Consistent: Practices are formally documented and consistently managed.
  • Level 4 - Measured: Practices are measured and managed with data-driven evidence.
  • Level 5 - Optimizing: Practices are consistently improved over time.

* Refer to the GRC Capability Model 3.5 (Red Book) for more on scale definition.
1. Do you work for a consulting firm or software provider in the GRC arena?
(Select only one) *This question is required.
Do you hold a GRC position (within the Critical Disciplines) OR are you in product development, sales, marketing, etc.?
(Select only one) *This question is required.
English