CGRC – Governance, Risk and Compliance Certification

Earn Your GRC Certification – Be a Governance, Risk and Compliance Leader
Capitalize on the rising demand for Governance, Risk and Compliance (GRC) expertise by earning the CGRC certification. The CGRC is a proven way to demonstrate your knowledge and skills to integrate governance, performance management, risk management and regulatory compliance within your organization.
CGRC professionals utilize frameworks to integrate security and privacy within organizational objectives, better enabling stakeholders to make informed decisions regarding data security, compliance, supply chain risk management and more.
CGRC Quick Glance
GOVERNANCE RISK AND COMPLIANCE
Shows advanced technical skills and knowledge to protect, authorize and maintain information systems within various risk management frameworks.
WHAT TO EXPECT ON THE CGRC EXAM
Domain 1: Security and Privacy Governance, Risk Management, and Compliance Program
Domain 2: Scope of the System
Domain 3: Selection and Approval of Framework, Security, and Privacy Controls
Domain 4: Implementation of Security and Privacy Controls
Domain 5: Assessment/Audit of Security and Privacy Controls
Domain 6: System Compliance
Domain 7: Compliance Maintenance
CGRC Exam Outline
Required Work Experience
ISO/IEC Standard 17024
Approved by Department of Defense
Your Pathway to Certification
Who Earns the CGRC?
The CGRC is ideal for IT, information security and information assurance practitioners who work in Governance, Risk and Compliance (GRC) roles and have a need to understand, apply and/or implement a risk management program for IT systems within an organization, including positions like:
- Cybersecurity Auditor
- Cybersecurity Compliance Officer
- GRC Architect
- GRC Manager
- Cybersecurity Risk & Compliance Project Manager
- Cybersecurity Risk & Controls Analyst
- Cybersecurity Third Party Risk Manager
- Enterprise Risk Manager
- GRC Analyst
- GRC Director
- Information Assurance Manager
Set Yourself Up for Exam Success
With Official ISC2 Training, you’re guaranteed up-to-date content that aligns to the latest exam domains. Explore the training that best meets your needs and learning style, use our self-study tools or trust our training partners around the world to help you in your certification journey.
Be the expert in governance, risk and compliance
Get the inside scoop on CGRC with these resources.
.jpg?h=416&iar=0&w=416)
NAR: Guide to Selecting the Right Framework
Get the Guide
The Ultimate Guide to the CGRC
Get Your Guide.jpg?h=416&iar=0&w=416)
UK: Guide to Selecting the Right Framework
Get the Guide
CGRC Knowledge Check
Get Started.jpg?h=416&iar=0&w=416)
EU: Guide to Selecting the Right Framework
Get the Guide
Test Your Knowledge with CGRC Flash Cards
Get the Cards
APAC: Guide to Selecting the Right Framework
Get the GuideCertifications for Every Step of Your Career
Related CGRC Insights

June 30, 2026•ISC2 Research
ISC2 Research: The Value of Cybersecurity Certifications

February 25, 2026•Article
Cybersecurity Risk Quantification in Modern GRC

February 16, 2026•Article
From Monster to Introspective GRC
Review access durations for all ISC2 product purchases.
Quick Reference Summary
| Product | Training Access | eTextbook & Study Questions eBook | Exam Window | Exam Attempts |
|---|---|---|---|---|
| Exam Only | — | — | 365 days | 1 |
| Exam Only with Peace of Mind Protection | — | — | 180 days | 2 |
| Online Instructor-Led Training | 180 days (from first session) | 365 days | — | — |
| Online Instructor-Led Training + Exam | 180 days (from first session) | 365 days | 365 days | 1 |
| Online Instructor-Led Training + Exam with Peace of Mind Protection | 180 days (from first session) | 365 days | 180 days | 2 |
| Online Self-Paced Training (90-Day) | 90 days | 365 days | — | — |
| Online Self-Paced Training (180-Day) | 180 days | 365 days | — | — |
| 180-Day Online Self-Paced Training + Exam | 180 days | 365 days | 365 days | 1 |
| 180-Day Online Self-Paced Training + Exam with Peace of Mind Protection | 180 days | 365 days | 180 days | 2 |
| 90-Day Online Self-Paced Training + Exam | 90 days | 365 days | 365 days | 1 |
| 90-Day Online Self-Paced Training + Exam with Peace of Mind Protection | 90 days | 365 days | 180 days | 2 |
| Certificates, Courses, and Express Courses | 60 days | — | — | — |
Exam
Purchase of exam(s) only.
Access periods:
Exam code must be scheduled and administered with 365 days of purchase.
Exam with Peace of Mind Protection
Exam-only purchase with two attempts included in the purchase price.
- Peace of Mind Protection gives candidates two exam attempts at a lower cost than two single exams. Candidates have 180 days from purchase to sit both attempts, with a 30-day waiting period between attempts. Learn more
Online Instructor-Led Training
Applies to Online Instructor-Led Training purchases without an exam.
Access periods:
- Course materials / videos: 180-day access, starting from the date of your first live session. Materials are accessible up to one week before the first session.
- Digital eTextbook / Study Questions eBook: 365-day access from date of first access.
Online Instructor-Led Training + Exam
Applies to Online Instructor-Led Training + Exam bundles.
Access periods:
- Course materials / videos: 180-day access, starting from the date of your first live session. Materials are accessible up to one week before the first session.
- Digital eTextbook / Study Questions eBook: 365-day access from date of first access.
- Exam: 365 days from purchase date to sit your exam.
Online Instructor-Led Training + Exam with Peace of Mind Protection
Applies to Online Instructor-Led Training and Exam with Peace of Mind Protection bundles.
Access periods:
- Course materials / videos: 180-day access, starting from the date of your first live session. Materials are accessible up to one week before the first session.
- Digital eTextbook / Study Questions eBook: 365-day access from date of first access.
- Exam with Peace of Mind Protection: Two attempts included in the bundle price.
Peace of Mind Protection gives candidates two exam attempts at a lower cost than two single exams. Candidates have 180 days from purchase to sit both attempts, with a 30-day waiting period between attempts. Learn more
Online Self-Paced Training
Available in 90-day and 180-day access options. All access periods begin from the date of purchase.
Online Self-Paced Training (90-Day)
- Training access: 90 days from purchase date.
- Digital eTextbook / Study Questions eBook: 365-day access from date of first access.
Online Self-Paced Training (180-Day)
- Training access: 180 days from purchase date.
- Digital eTextbook / Study Questions eBook: 365-day access from date of first access.
180-Day Online Self-Paced Training + Exam
- Training access: 180 days from purchase date.
- Digital eTextbook / Study Questions eBook: 365-day access from date of first access.
- Exam: 365 days from purchase date to sit your exam.
180-Day Online Self-Paced Training + Exam with Peace of Mind Protection
- Training access: 180 days from purchase date.
- Digital eTextbook / Study Questions eBook: 365-day access from date of first access.
- Exam with Peace of Mind Protection: Two attempts included in the bundle price.
- Peace of Mind Protection gives candidates two exam attempts at a lower cost than two single exams. Candidates have 180 days from purchase to sit both attempts, with a 30-day waiting period between attempts. Learn more
90-Day Online Self-Paced Training + Exam
- Training access: 90 days from purchase date.
- Exam: 365 days from purchase date to sit your exam.
- Digital eTextbook / Study Questions eBook: 365-day access from date of first access.
90-Day Online Self-Paced Training + Exam with Peace of Mind Protection
- Training access: 90 days from purchase date.
- Digital eTextbook / Study Questions eBook: 365-day access from date of first access.
- Exam with Peace of Mind Protection: Two attempts included in the bundle price.
- Peace of Mind Protection gives candidates two exam attempts at a lower cost than two single exams. Candidates have 180 days from purchase to sit both attempts, with a 30-day waiting period between attempts. Learn more
Certificates, Courses, and Express Courses (Continuing Professional Development)
- Training access: 60 days from purchase date.








