CGRC - Certified in Governance, Risk and Compliance

Overview

Course summary

The CGRC certification focuses on integrating governance, risk management, and regulatory compliance within organisations. This self-paced course offers an in-depth exploration of the seven CGRC domains, preparing professionals to effectively manage and authorise information systems within various risk management frameworks. 

At the end of the course, you have the option to take three-hour multiple-choice exam with 125 questions. For more information, see the CGRC Certification Exam outline.

Who is this course for? 

This course is tailored for IT, information security, and information assurance professionals involved in governance, risk, and compliance roles. It is suitable for positions such as: 

  • Cybersecurity Auditor 
  • Cybersecurity Compliance Officer 
  • Cybersecurity Risk and Compliance Project Manager 
  • GRC Manager 
  • Information Assurance Manager 

Entry requirements

You must have at least two years of cumulative work experience in one or more of the seven CGRC domains. Those without the required experience can become an Associate of ISC2 by passing the CGRC exam and will have three years to gain the necessary experience. 

What's included in the course price? 

The course price includes: 

  • 180-hours’ subscription  
  • access to the online materials 
  • one exam voucher 

No VAT is payable on our short courses.

Course structure

The course is divided into eight modules, each corresponding to a CISSP domain: 

  • Security and Risk Management
  • Asset Security
  • Security Architecture and Engineering
  • Communication and Network Security
  • Identity and Access Management (IAM)
  • Security Assessment and Testing
  • Security Operations
  • Software Development Security 

Each module includes interactive study materials, real-world applications, case studies, and assessments to reinforce learning. 

ISC2 Adaptive Training

ISC2 Adaptive Training is an innovative, AI-driven learning platform designed to help delegates prepare efficiently for ISC2 certification exams. This personalised training experience adapts to each delegate's strengths and weaknesses, optimising study time by focusing on areas that need improvement.

Key benefits of ISC2 Adaptive Training include:

  • Personalised learning paths – AI technology assesses knowledge gaps and tailors study materials accordingly.
  • Dynamic questioning – The system continuously adjusts difficulty levels based on user responses to enhance retention.
  • Efficient exam preparation – Focuses on weak areas, reducing unnecessary study time.
  • Real-time progress tracking – Learners receive insights into their readiness, helping them prepare strategically.

This training approach maximises efficiency, helping candidates feel confident and prepared for their ISC2 certification exams.

Accreditation

The CGRC certification is accredited under the ANSI ISO/IEC Standard 17024 and is approved by the UK Ministry of Defence as well as the US Department of Defense under Directive 8140.03. 

ISC2 Academic Partner

Learning outcomes

By the end of this course, participants will be able to: 

  • Develop and manage security and privacy governance, risk management, and compliance programmes. 
  • Define the scope of information systems accurately. 
  • Select and approve appropriate security and privacy controls. 
  • Implement security and privacy controls effectively. 
  • Assess and audit security and privacy controls. 
  • Ensure system compliance with relevant standards and regulations. 
  • Maintain ongoing compliance through continuous monitoring and improvement. 

Booking

Thank you for your interest in this course. New dates will be announced shortly - fill in our enquiry form to be the first to know when bookings open.

If you have questions about the course in the meantime, please contact us at .

Contact us

+44 (0)20 350 69900

[email protected]

Phone lines are open Monday – Friday, 10am–4pm