Reference Touchstones.

Whether you’re just entering the GRC field or are a seasoned professional, it’s important to have the right reference books at your fingertips. Those affiliated with The GRC Group are recognized as thought leaders, and have codified their knowledge within the pages of these fine publications.

Sarbanes-Oxley (SOX) Books

Sarbanes-Oxley Body of Knowledge (SOXBoK): An Introduction

By Sanjay Anand

We’re proud to say that The Sarbanes-Oxley Body of Knowledge (SOXBoK) is the world's most comprehensive, authoritative compendium on Sarbanes-Oxley (SOX) – and is our flagship publication. Created by practitioners for practitioners, it covers all titles and sections of the Sarbanes-Oxley Act, and provides actionable advice for implementation using GASP (Generally Accepted SOX Principles). It is a must-have for anyone implementing SOX and similar regulations, and addresses the Finance, Accounting, Audit, IT, Ethics, Legal, Risk and other disciplines impacted by SOX.

Sarbanes-Oxley Guide for Finance and Information Technology Professionals

By Sanjay Anand

One of the most comprehensive, authoritative guides to getting your organization Sarbanes-Oxley-compliant, the new, improved, and expanded Second Edition of Sarbanes-Oxley Guide for Finance and Information Technology Professionals provides a valuable reference for finance and information technology professionals such as CFOs, CIOs, controllers, auditors, executives, and consultants who are involved in Sarbanes-Oxley-related compliance projects.

With practical, workable advice that every finance and information technology professional must have at their fingertips, the book features:

  • Key aspects and important components of the Sarbanes-Oxley Act
  • A methodology to achieve SOX compliance for your company
  • A road map to compliance, including checklists, worksheets, and project plans
  • The business and technology implications and resource requirements for compliance
  • The future of SOX and its impact on corporate America and the world

Essentials of Sarbanes-Oxley (Essentials Series)

By Sanjay Anand

Written for senior-level professionals, executives, and board members whose companies are impacted by SOX, this book provides the information that will help you understand the legislation and the implications it has for your company. It starts by outlining the history, core issues, and concepts of the SOX Act, and then delves into the most relevant sections. Combining a bird’s eye view with practical information and frameworks for compliance, the book talks about the costs of compliance, the role that information technology plays in compliance efforts, and the ramifications of the Act for privately held companies and nonprofit organizations.

Governance Books

Essentials of Corporate Governance (Essentials Series)

By Sanjay Anand

This easy-to-use book is designed with an appreciation for demanding professional obligations. This professional guide's nuts-and-bolts presentation examines why corporate governance is important and puts you in a better position to understand its successful implementation for your organization. Essentials of Corporate Governance will challenge your concept of corporate governance and provide you with an understanding of:

  • The concept of governance
  • The competing goals that corporations may have
  • Why there is a call for corporations to be more ethical
  • The various forms of corporate structure
  • Corporate governance in emerging markets
  • Corporate governance within nonprofit organizations

Communicating the idea of corporate governance as a process and an ideal rather than a set of criteria, this accessible and relevant book is the resource and reference guide you will turn to time and again for the knowledge you need to make corporate governance work for your corporation.

The Governance, Risk, and Compliance Handbook: Technology, Finance, Environmental, and International Guidance and Best Practices

By Anthony Tarantino

Providing a comprehensive framework for a sustainable governance model and how to leverage it in competing global markets, this book presents a valuable overview to the political, regulatory, technical, process, and people considerations in complying with an ever more demanding regulatory environment and achievement of good corporate governance. Offering an international overview, this book features contributions from sixty-four industry experts from fifteen countries.

Risk Management Books

Managing the Audit Function: A Corporate Audit Department Procedures Guide

By Michael P. Cangemi and Tommie W. Singleton

As auditing shifts from an outsourced function to a cornerstone of internal control, audit directors need an updated manual that reflects the radical changes the internal audit profession recently experienced in order to establish efficient processes for conducting successful audits. This book provides a blueprint for the creation of an effective procedures manual for an internal audit department.

By implementing the methods recommended in Cangemi and Singleton’s authoritative guide, auditors can play an integral role in improving overall corporate performance. By following the manual, auditors can ensure that they are following the guidelines for internal control that both the Foreign Corrupt Services Act and the Committee of Sponsoring Organizations (COSO) require.

IT Books

The Sarbanes-Oxley Guide for Finance and Information Technology Professionals: By Sarbanes-Oxley Group

By Sanjay Anand

Created by the Sarbanes-Oxley Group, this book includes practical, actionable advice that every Finance and IT professional must have at their fingertips as they pursue, or consider pursuing, a journey of Sarbanes-Oxley compliance.

Implementing IT Governance: A Practical Guide to Global Best Practices in IT Management

By Gad J. Selig (Author), Jayne Wilkinson (Editor)

The issues, opportunities and challenges of aligning information technology more closely with an organization and effectively governing an organization's Information Technology (IT) investments, resources, major initiatives and superior uninterrupted service are becoming a major concern of the Board and executive management in enterprises on a global basis. An integrated and comprehensive approach to the alignment, planning, execution and governance of IT and its resources has become critical to more effectively align, integrate, invest, measure, deploy, service and sustain the strategic and tactical direction and value proposition of IT in support of organizations. Much has been written and documented about the individual components of IT Governance such as strategic planning, demand (portfolio investment) management, program and project management, IT service management and delivery, strategic sourcing and outsourcing, performance management and metrics, like the balanced scorecard, compliance and others. Much less has been written about a comprehensive and integrated IT/Business Alignment, Planning, Execution and Governance approach. This new title fills that need in the marketplace and gives readers structured and practical solutions using the best of the best principles available today.

IT Governance: How Top Performers Manage IT Decision Rights for Superior Results

By Peter Weill and Jeanne Ross

Firms with superior IT governance have more than 25% higher profits than firms with poor governance given the same strategic objectives. These top performers have custom-designed IT governance for their strategies. Just as corporate governance aims to ensure quality decisions about all corporate assets, IT governance links IT decisions with company objectives and monitors performance and accountability. Based on a study of 250 enterprises worldwide, IT Governance shows how to design and implement a system of decision rights that will transform IT from an expense to a profitable investment.

IT Risk: Turning Business Threats into Competitive Advantage

By George Westerman and Richard Hunter

Are you exposing your business to IT risk, and leaving profit opportunities on the table? You might be if you are managing your IT risk using more traditional approaches. IT Risk, a new book based on research conducted by MIT's Center for Information Systems Research and Gartner, Inc., helps companies focus on the most pressing risks and leverage the upside that comes with vigilance. Traditionally, managers have grouped technology risk and funding into silos. IT Risk outlines a new model for integrated risk management, which identifies three core areas you can develop to eliminate the problems that silo strategies create. The authors also offer specific ways to make the most of your newfound advantage. And because IT risk is the responsibility of all senior executives, not just CIOs, this book describes the tools and practices in language that general managers can understand and use.

Frameworks for IT Management: An Introduction

By Jan Van Bon (Chief Editor) and Tieneke Verheijen

This itSMF publication covers the most important frameworks in use, in a neutral and objective way, so that readers can better understand the potential value of each instrument. Each framework is described by a well-known expert in that field, in a structured format, to emphasize the specific characteristics. A consistent approach to each chapter allows easy comparison between the instruments: a description of each framework, the origin/history, where the instrument is used, description and core graphics, approach/how to, relevance to IT management, strengths and weaknesses, cross-references/relationships and links and literature. This first edition of the itSMF Frameworks for IT Management guide contains descriptions of (in alphabetical order) AS 8015, ASL, BiSL, CobiT, eSCM, eTOM, Generic Framework for Information Management (PrimaVera), IPMA Competence Baseline, ISO/IEC 20000 (formerly BS15000), ISO 27001 (ISO 17799/BS7799), ISO 9000 (GB/T 19000), ISPL, IT Balanced Scorecard, ITIL(R), ITS-CMM, PMBoK, PRINCE2(R), M_o_R(R), MSP, Six Sigma, TickIT, and TQM.

Compliance Books

Manager's Guide to Compliance

By Anthony Tarantino

A Wall Street Journal/Harris poll revealed that two-thirds of investors express doubts about the ability of corporate boards of directors to provide effective oversight. In the shadow of recent global scandals involving businesses such as Parmalat and WorldCom, Manager's Guide to Compliance: Best Practices and Case Studies is essential reading for you, whether your organization is a major corporation or a small business. This timely handbook places U.S. and global regulatory information, as well as critical compliance guidance, in an easy-to-access format and helps you make sense of all the complex issues connected with fraud and compliance.