Strategic Partner for Your Success in IT, GRC, CRR, and Conformity Consulting & Certification.


(ISC)² Certified in Governance, Risk and Compliance (CGRC)



Become an CGRC – Certified in Governance, Risk and Compliance

A professional earning the Certified in Governance, Risk and Compliance (CGRC®) is an information security practitioner who advocates for security risk management in pursuit of information system authorization to support an organization’s mission and operations in accordance with legal and regulatory requirements.

The broad spectrum of topics included in the CGRC Common Body of Knowledge (CBK®) ensure its relevancy across all disciplines in the field of information security.


Earning the CGRC certification is a proven way to build your career and demonstrate your expertise within various risk management frameworks.

CGRC demonstrates to employers that you have the advanced technical skills and knowledge to understand Governance, Risk and Compliance (GRC) and can authorize and maintain information systems utilizing various risk management frameworks, as well as best practices, policies and procedures.


Who Earns the CGRC?

The CGRC is ideal for IT, information security and information assurance practitioners who work in Governance, Risk and Compliance (GRC) roles and have a need to understand, apply and/or implement a risk management program for IT systems within an organization.



Experience Requirements

Candidates must have a minimum of two years cumulative work experience in one or more of the seven domains of the CGRC CBK.

A candidate that doesn’t have the required experience to become a CGRC may become an Associate of (ISC)² by successfully passing the CGRC examination. The Associate of (ISC)² will then have three years to earn the two years of required, relevant experience. Learn more about CGRC experience requirements and how to account for part-time work and internships at www.isc2.org/Certifications/CGRC/experience-requirements.


Accreditation

CGRC is in compliance with the stringent requirements of ANSI/ISO/IEC Standard 17024.


What will You Need to Know to Pass the CGRC Exam?

The CGRC exam evaluates your expertise across seven domains. Think of the domains as topics you need to master based on your professional experience and education.

  • Domain 1: Information Security Risk Management Program
  • Domain 2: Scope of the Information System
  • Domain 3: Selection and Approval of Security and Privacy Controls Domain 4: Implementation of Security and Privacy Controls
  • Domain 5: Assessment/Audit of Security and Privacy Controls
  • Domain 6: Authorization/Approval of Information System
  • Domain 7: Continuous Monitoring


Certified in Cybersecurity


Systems Security Certified Practitioner


Certified Cloud Security Professional


Governance, Risk and Compliance


Certified Secure Software Lifecycle Professional



HealthCare Information Security and Privacy Practitioner



Certified Information Systems Security Professional


CISSP - Information Systems Security Architecture Professional



CISSP - Information Systems Security Engineering Professional



CISSP - Information Systems Security Engineering Professional





Sword & Shield consulting. All rights Reserved


Terms
Privacy
Cookies