Skip to main content
Register for exam

CGRC – Governance, Risk and Compliance Certification

Download Ultimate GuideExplore Training
CGRC badge

Earn Your GRC Certification – Be a Governance, Risk and Compliance Leader

Capitalize on the rising demand for Governance, Risk and Compliance (GRC) expertise by earning the CGRC certification. The CGRC is a proven way to demonstrate your knowledge and skills to integrate governance, performance management, risk management and regulatory compliance within your organization.

CGRC professionals utilize frameworks to integrate security and privacy within organizational objectives, better enabling stakeholders to make informed decisions regarding data security, compliance, supply chain risk management and more.

Already Have a Peace of Mind Voucher? Learn how to redeem it now.

loading-indicator
Two women looking at post it notes
Build Your Career with the ISC2 CGRC Certification

CGRC Quick Glance

GOVERNANCE RISK AND COMPLIANCE

Shows advanced technical skills and knowledge to protect, authorize and maintain information systems within various risk management frameworks.

WHAT TO EXPECT ON THE CGRC EXAM

Domain 1: Security and Privacy Governance, Risk Management, and Compliance Program

Domain 2: Scope of the System

Domain 3: Selection and Approval of Framework, Security, and Privacy Controls

Domain 4: Implementation of Security and Privacy Controls

Domain 5: Assessment/Audit of Security and Privacy Controls

Domain 6: System Compliance

Domain 7: Compliance Maintenance


CGRC Exam Outline
2 Years
Required Work Experience
ANAB Accredited
ISO/IEC Standard 17024
U.S. DoDM 8140.03
Approved by Department of Defense

Your Pathway to Certification

Who Earns the CGRC?

The CGRC is ideal for IT, information security and information assurance practitioners who work in Governance, Risk and Compliance (GRC) roles and have a need to understand, apply and/or implement a risk management program for IT systems within an organization, including positions like:

  • Cybersecurity Auditor
  • Cybersecurity Compliance Officer
  • GRC Architect
  • GRC Manager
  • Cybersecurity Risk & Compliance Project Manager
  • Cybersecurity Risk & Controls Analyst
  • Cybersecurity Third Party Risk Manager
  • Enterprise Risk Manager
  • GRC Analyst
  • GRC Director
  • Information Assurance Manager

Set Yourself Up for Exam Success

With Official ISC2 Training, you’re guaranteed up-to-date content that aligns to the latest exam domains. Explore the training that best meets your needs and learning style, use our self-study tools or trust our training partners around the world to help you in your certification journey.

CGRC badge
Adaptive Learning

CGRC Online Self-Paced Training

Select Training
CGRC badge
Live Virtual Learning

CGRC Online Instructor-Led Training

Select Training
CGRC badge
In-Person Learning

CGRC Classroom Training

Select Training

Be the expert in governance, risk and compliance

Get the inside scoop on CGRC with these resources.

NAR: Guide to Selecting the Right Framework

Get the Guide
The Ultimate Guide to the CGRC

The Ultimate Guide to the CGRC

Get Your Guide

UK: Guide to Selecting the Right Framework

Get the Guide
Ready for Exam Day?

Ready for Exam Day?

Take the Quiz
EU: Guide to Selecting the Right Framework

EU: Guide to Selecting the Right Framework

Get the Guide
Test Your Knowledge with CGRC Flash Cards

Test Your Knowledge with CGRC Flash Cards

Get the Cards
APAC: Guide to Selecting the Right Framework

APAC: Guide to Selecting the Right Framework

Get the Guide
 

Certifications for Every Step of Your Career

No matter where you are in your cybersecurity career, ISC2 certifications help you achieve your professional goals.
See all certifications

Start your career with Certified in Cybersecurity

Cybersecurity Leadership

Security Operations

Cloud Security

Governance, Risk and Compliance

Software Security

Security Architecture

Security Engineering

Security Management

 

Related CGRC Insights

Read all CGRC Insights
October 16, 2025Article

Bridging the EU Cybersecurity Skills Gap: The ECSF and Certification Mapping

September 24, 2025Article

Resources for Addressing Supply Chain Cybersecurity Challenges

August 13, 2025Article

Taking an ISC2 Certification Exam? Mental Tools to Support Your Success