CGRC – Governance, Risk and Compliance Certification
Earn Your GRC Certification – Be a Governance, Risk and Compliance Leader
Capitalize on the rising demand for Governance, Risk and Compliance (GRC) expertise by earning the CGRC certification. The CGRC is a proven way to demonstrate your knowledge and skills to integrate governance, performance management, risk management and regulatory compliance within your organization.
CGRC professionals utilize frameworks to integrate security and privacy within organizational objectives, better enabling stakeholders to make informed decisions regarding data security, compliance, supply chain risk management and more.
CGRC Quick Glance
GOVERNANCE RISK AND COMPLIANCE
Shows advanced technical skills and knowledge to protect, authorize and maintain information systems within various risk management frameworks.
WHAT TO EXPECT ON THE CGRC EXAM
Domain 1: Information Security Risk Management Program
Domain 2: Scope of the Information System
Domain 3: Selection and Approval of Security and Privacy Controls
Domain 4: Implementation of Security and Privacy Controls
Domain 5: Assessment/Audit of Security and Privacy Controls
Domain 6: Authorization/Approval of Information System
Domain 7: Continuous Monitoring
CGRC Exam Outline
Please Note: Effective June 15, 2024, the CGRC exam will be based on an updated exam outline. Please refer to the CGRC Exam Outline and our FAQs for more information.
Required Work Experience
ISO/IEC Standard 17024
Approved by Department of Defense
Your Pathway to Certification
Who Earns the CGRC?
The CGRC is ideal for IT, information security and information assurance practitioners who work in Governance, Risk and Compliance (GRC) roles and have a need to understand, apply and/or implement a risk management program for IT systems within an organization, including positions like:
- Cybersecurity Auditor
- Cybersecurity Compliance Officer
- GRC Architect
- GRC Manager
- Cybersecurity Risk & Compliance Project Manager
- Cybersecurity Risk & Controls Analyst
- Cybersecurity Third Party Risk Manager
- Enterprise Risk Manager
- GRC Analyst
- GRC Director
- Information Assurance Manager
Work in government? See how the CGRC meets the U.S. Department of Defense (DoD) Directive 8570.1.
Get Started. Become an ISC2 Candidate.
Begin your journey to certification as an ISC2 Candidate. You’ll save 20% on Official ISC2 online training and career-building support.
Set Yourself Up for Exam Success
With Official ISC2 Training, you’re guaranteed up-to-date content that aligns to the latest exam domains. Explore the training that best meets your needs and learning style, use our self-study tools or trust our training partners around the world to help you in your certification journey.
Certified in Governance, Risk and Compliance (Online Instructor-Led)
Certified in Governance, Risk and Compliance (Classroom-Based)
Be the expert in governance, risk and compliance
Get the inside scoop on CGRC with these resources.