Skip to main content

CGRC – Governance, Risk and Compliance Certification

CGRC badge

Earn Your GRC Certification – Be a Governance, Risk and Compliance Leader

Capitalize on the rising demand for Governance, Risk and Compliance (GRC) expertise by earning the CGRC certification. The CGRC is a proven way to demonstrate your knowledge and skills to integrate governance, performance management, risk management and regulatory compliance within your organization.

CGRC professionals utilize frameworks to integrate security and privacy within organizational objectives, better enabling stakeholders to make informed decisions regarding data security, compliance, supply chain risk management and more.

CGRC Quick Glance

GOVERNANCE RISK AND COMPLIANCE

Shows advanced technical skills and knowledge to protect, authorize and maintain information systems within various risk management frameworks.

WHAT TO EXPECT ON THE CGRC EXAM

Domain 1: Security and Privacy Governance, Risk Management, and Compliance Program

Domain 2: Scope of the System

Domain 3: Selection and Approval of Framework, Security, and Privacy Controls

Domain 4: Implementation of Security and Privacy Controls

Domain 5: Assessment/Audit of Security and Privacy Controls

Domain 6: System Compliance

Domain 7: Compliance Maintenance


CGRC Exam Outline
2 Years
Required Work Experience
ANAB Accredited
ISO/IEC Standard 17024
U.S. DoDM 8140.03
Approved by Department of Defense

Your Pathway to Certification

Who Earns the CGRC?

The CGRC is ideal for IT, information security and information assurance practitioners who work in Governance, Risk and Compliance (GRC) roles and have a need to understand, apply and/or implement a risk management program for IT systems within an organization, including positions like:

  • Cybersecurity Auditor
  • Cybersecurity Compliance Officer
  • GRC Architect
  • GRC Manager
  • Cybersecurity Risk & Compliance Project Manager
  • Cybersecurity Risk & Controls Analyst
  • Cybersecurity Third Party Risk Manager
  • Enterprise Risk Manager
  • GRC Analyst
  • GRC Director
  • Information Assurance Manager

Set Yourself Up for Exam Success

With Official ISC2 Training, you’re guaranteed up-to-date content that aligns to the latest exam domains. Explore the training that best meets your needs and learning style, use our self-study tools or trust our training partners around the world to help you in your certification journey.

Certifications for Every Step of Your Career

No matter where you are in your cybersecurity career, ISC2 certifications help you achieve your professional goals.
See all certifications

Related CGRC Insights

June 30, 2026ISC2 Research

ISC2 Research: The Value of Cybersecurity Certifications

February 25, 2026Article

Cybersecurity Risk Quantification in Modern GRC

February 16, 2026Article

From Monster to Introspective GRC

Review access durations for all ISC2 product purchases.

Quick Reference Summary

Product Training Access eTextbook & Study Questions eBook Exam Window Exam Attempts
Exam Only 365 days 1
Exam Only with Peace of Mind Protection 180 days 2
Online Instructor-Led Training 180 days (from first session) 365 days
Online Instructor-Led Training + Exam 180 days (from first session) 365 days 365 days 1
Online Instructor-Led Training + Exam with Peace of Mind Protection 180 days (from first session) 365 days 180 days 2
Online Self-Paced Training (90-Day) 90 days 365 days
Online Self-Paced Training (180-Day) 180 days 365 days
180-Day Online Self-Paced Training + Exam 180 days 365 days 365 days 1
180-Day Online Self-Paced Training + Exam with Peace of Mind Protection 180 days 365 days 180 days 2
90-Day Online Self-Paced Training + Exam 90 days 365 days 365 days 1
90-Day Online Self-Paced Training + Exam with Peace of Mind Protection 90 days 365 days 180 days 2
Certificates, Courses, and Express Courses 60 days

 

Exam

Purchase of exam(s) only.

Access periods:

Exam code must be scheduled and administered with 365 days of purchase.


Exam with Peace of Mind Protection

Exam-only purchase with two attempts included in the purchase price.

  • Peace of Mind Protection gives candidates two exam attempts at a lower cost than two single exams. Candidates have 180 days from purchase to sit both attempts, with a 30-day waiting period between attempts. Learn more

Online Instructor-Led Training

Applies to Online Instructor-Led Training purchases without an exam.

Access periods:

  • Course materials / videos: 180-day access, starting from the date of your first live session. Materials are accessible up to one week before the first session.
  • Digital eTextbook / Study Questions eBook: 365-day access from date of first access.

Online Instructor-Led Training + Exam

Applies to Online Instructor-Led Training + Exam bundles.

Access periods:

  • Course materials / videos: 180-day access, starting from the date of your first live session. Materials are accessible up to one week before the first session.
  • Digital eTextbook / Study Questions eBook: 365-day access from date of first access.
  • Exam: 365 days from purchase date to sit your exam.

Online Instructor-Led Training + Exam with Peace of Mind Protection

Applies to Online Instructor-Led Training and Exam with Peace of Mind Protection bundles.

Access periods:

  • Course materials / videos: 180-day access, starting from the date of your first live session. Materials are accessible up to one week before the first session.
  • Digital eTextbook / Study Questions eBook: 365-day access from date of first access.
  • Exam with Peace of Mind Protection: Two attempts included in the bundle price.

Peace of Mind Protection gives candidates two exam attempts at a lower cost than two single exams. Candidates have 180 days from purchase to sit both attempts, with a 30-day waiting period between attempts. Learn more


Online Self-Paced Training

Available in 90-day and 180-day access options. All access periods begin from the date of purchase.

Online Self-Paced Training (90-Day)

  • Training access: 90 days from purchase date.
  • Digital eTextbook / Study Questions eBook: 365-day access from date of first access.

Online Self-Paced Training (180-Day)

  • Training access: 180 days from purchase date.
  • Digital eTextbook / Study Questions eBook: 365-day access from date of first access.

180-Day Online Self-Paced Training + Exam

  • Training access: 180 days from purchase date.
  • Digital eTextbook / Study Questions eBook: 365-day access from date of first access.
  • Exam: 365 days from purchase date to sit your exam.

180-Day Online Self-Paced Training + Exam with Peace of Mind Protection

  • Training access: 180 days from purchase date.
  • Digital eTextbook / Study Questions eBook: 365-day access from date of first access.
  • Exam with Peace of Mind Protection: Two attempts included in the bundle price.
  • Peace of Mind Protection gives candidates two exam attempts at a lower cost than two single exams. Candidates have 180 days from purchase to sit both attempts, with a 30-day waiting period between attempts. Learn more

90-Day Online Self-Paced Training + Exam

  • Training access: 90 days from purchase date.
  • Exam: 365 days from purchase date to sit your exam.
  • Digital eTextbook / Study Questions eBook: 365-day access from date of first access.

90-Day Online Self-Paced Training + Exam with Peace of Mind Protection

  • Training access: 90 days from purchase date.
  • Digital eTextbook / Study Questions eBook: 365-day access from date of first access.
  • Exam with Peace of Mind Protection: Two attempts included in the bundle price.
  • Peace of Mind Protection gives candidates two exam attempts at a lower cost than two single exams. Candidates have 180 days from purchase to sit both attempts, with a 30-day waiting period between attempts. Learn more

Certificates, Courses, and Express Courses (Continuing Professional Development)

  • Training access: 60 days from purchase date.