Team Members Archive


The Audit Management Pundit

fedora2-transparentJason Mefford is a sought after speaker, business trainer and coach on ethics, corporate governance, risk management, GRC, compliance and internal audit topics. He helps organization think differently by becoming Principle Performers to help them reliably achieve their objectives, while addressing uncertainty and acting with integrity. He is currently the President of Mefford Associates, a professional training, coaching and boutique advisory firm and is also a Brian Tracy certified trainer and business coach.

Jason has spent many years training and coaching top business professionals all over the world, and is consistently rated as one of the leading experts and most effective speakers and trainers in the world.

He is the author of Risk-Based Internal Auditing, and was a contributing author on the OCEG GRC Capability Model v3.0. He is also a fellow with the Open Compliance and Ethics Group (OCEG) a nonprofit think tank that uniquely helps organizations drive Principled Performance® by enhancing corporate culture and integrating governance, risk management, and compliance processes. The concept of Principled Performance® allows organizations to reliably achieve their objectives, while addressing uncertainty, and acting with integrity – the principles necessary for organizations to succeed over the long-term.

Jason has been the chief audit executive at two different multi-billion dollar manufacturing companies. His role also included being in charge of information security and being the Chief Ethics and Compliance Officer and Chief Risk Officer. Prior to that he was a manager at both Arthur Andersen and KPMG, performing internal and external audits and advisory services for clients in various industries. He was also a national instructor at both firms.

Jason is a Certified Internal Auditor (CIA), Certified Public Accountant (CPA), Governance, Risk Management and Compliance Professional (GRCP), GRC Auditor (GRCA), Certified Risk Based Auditor (CRBA), Certificate in Risk Management Assurance (CRMA) and Certified Internal Controls Auditor (CICA).

He is a member of the Institute of Internal Auditors (IIA) and has been an active IIA volunteer serving at the local and international level. He is currently an OCEG Fellow with the Open Compliance and Ethics Group (OCEG) a nonprofit think tank that uniquely helps organizations drive Principled Performance® by enhancing corporate culture and integrating governance, risk management, and compliance processes. He is also the Managing Director of GRC Certify, the certification body for OCEG.

He has been recognized by Yale University as a rising star in corporate governance, and was a finalist for the Corporate Secretary Magazine rising star in corporate governance award.

Jason is a graduate of Boise State University (BBA, Accountancy) and the University of Southern California’s Marshall School of Business (MBA).

He spends most of his time traveling all over the world helping clients.  He lives in southern California, where the weather is perfect almost every day.

    Continue Reading

    Michael Rasmussen, J.D., GRCP, CCEP, CISSP

    The GRC Pundit

    Michael Rasmussen is an internationally recognized pundit on governance, risk management, and compliance (GRC) – with specific expertise on the topics of enterprise GRC, GRC technology, corporate compliance, and policy management.  With 23+ years of experience, Michael helps organizations improve GRC processes, design and implement GRC architecture, and select technologies that are effective, efficient, and agile.  He is a sought-after keynote speaker, author, and advisor and is noted as the “Father of GRC” — being the first to define and model the GRC market in February 2002 while at Forrester.

    Michael has contributed to U.S. Congressional reports and committees, and currently serves on the Leadership Council of the OCEG and chairs the OCEG Technology Council, OCEG Policy Management Group, and the OCEG GRC Architect Group.

    Michael is quoted extensively in the press and is respected for his commentary on broadcast news channels. He is an Honorary Life Member in The Institute of Risk Management for his contributions to risk management and GRC. In June 2007, Treasury & Risk recognized Michael as one of the 100 most influential people in finance with specific accolades noting his work in “Governance and Compliance: Saving the Planet and the Corporation” and as a “Rising Star in Rocky Times: Corporate America’s Outstanding Executives.”

    Prior to founding GRC 20/20 Research, Michael was a Vice-President and  ’Top Analyst’ at Forrester Research, Inc. Before Forrester, he led the risk/compliance consulting practice at a professional services firm, and prior to that has specific experience managing compliance and risk within commercial organizations.

    Michael’s educational experience consists of a Juris Doctorate in law and a Bachelor of Science in Business. Michael is currently pursuing a Master of Divinity at Trinity Evangelical Divinity School with a research focus in ethics and church history.  He is a GRCP (GRC Professional), CCEP (Certified Compliance and Ethic Professional), and a CISSP (Certified Information Systems Security Professional).  OCEG has recognized him as an OCEG Fellow for his contributions and advancement of GRC practices around the world.

    Certifications & Designations

    • OCEG Fellow
    • Honorary Life Member, Institute of Risk Management (IRM)
    • GRC Professional (GRCP)
    • Certified Compliance & Ethics Professional (CCEP)
    • Certified Information Systems Security Professional (CISSP)


    • Master of Divinity, Trinity Evangelical Divinity School (in progress)
      • Thesis in Progress:  Theology of Risk Management
    • Master of Arts, Church History (in progress)
      • Thesis in Progress: Understanding Tolkien through the Lens of Medieval Theology
    • Juris Doctorate, Oakbrook College of Law & Government Policy
    • Bachelor of Science, Business, University of Phoenix

    Association Involvement

    • Open Compliance and Ethics Group (OCEG)
    • Chicago Regional Business & Ethics Network (CRBEN)
    • Institute of Risk Management (IRM)
    • Society of Corporate Compliance & Ethics (SCCE)
    • Professional Risk Manager’s International Association (PRMIA)
    • Information Systems Security Association (ISSA)
    • Institute of Internal Auditors (IIA)
    • Information Systems Audit & Control Association (ISACA)

    Business Networking:

    Continue Reading

    Follow by Email