CGRC – Governance, Risk and Compliance Certification

Download Ultimate GuideExplore Training
CGRC badge
Two women looking at post it notes
Build Your Career with the ISC2 CGRC Certification

CGRC Quick Glance

GOVERNANCE RISK AND COMPLIANCE

Shows advanced technical skills and knowledge to protect, authorize and maintain information systems within various risk management frameworks.

WHAT TO EXPECT ON THE CGRC EXAM

Domain 1: Information Security Risk Management Program

Domain 2: Scope of the Information System

Domain 3: Selection and Approval of Security and Privacy Controls

Domain 4: Implementation of Security and Privacy Controls

Domain 5: Assessment/Audit of Security and Privacy Controls

Domain 6: Authorization/Approval of Information System

Domain 7: Continuous Monitoring


CGRC Exam Outline
2 Years
Required Work Experience
ANAB Accredited
ISO/IEC Standard 17024
U.S. DoD 8570.1
Approved by Department of Defense

Your Pathway to Certification

A woman sitting on a couch with her laptop on lap while using a phone

Get Started. Become an ISC2 Candidate.

Begin your journey to certification as an ISC2 Candidate. You’ll save 20% on Official ISC2 online training and career-building support.

Certifications for Every Step of Your Career

No matter where you are in your cybersecurity career, ISC2 certifications help you achieve your professional goals.
See all certifications

Start your career with Certified in Cybersecurity

Cybersecurity Leadership

Security Operations

Cloud Security

Governance, Risk and Compliance

Software Security

Security Architecture

Security Engineering

Security Management