Governance, Risk and Compliance (CGRC) Certificate

This course will help deepen your understanding of RMF concepts and processes and prepare you for the CGRC exam.

The International Information Systems Security Certification Consortium (ISC 2) Certified in Governance, Risk and Compliance (CGRC) is the industry standard for proving your understanding of the RMF related to risk assessment and security documentation.

About the Course

This course will help you prepare for ISC2 CGRC certification. The DOD Approved CGRC certification is compliant with ISO 17024 standards and approved by the US DoD to meet directive 8140/8570.01-M requirements. Earning the CGRC certification validates the knowledge of policies, procedures and methods of NIST SP 800-53. Prepares for the ISC2 CGRC Certification.

Who This Course Is For

  • For IT, information security and information assurance professionals and contractors seeking to  confirm their expertise and skill in authorizing and maintaining information systems within the RMF

  • Earning the CGRC certification is a proven way to build your career and demonstrate your expertise within the RMF

  • You need two years of cumulative work experience in at least one of the CGRC domains to achieve the CGRC, but you can become an Associate of (ISC)² by passing the exam without experience.


Skills you will develop in the course

CGRC is the only certification under the DoD8570 mandate that aligns with each RMF step. It shows employers you have the advanced technical skills and knowledge to authorize and maintain information systems within the RMF using best practices, policies and procedures established by the cybersecurity experts at (ISC)².


Why CGRC Matters

  • CGRC is often recognized by HR departments, recruiters, and hiring managers

  • It shows your commitment to cybersecurity. It could be easier for you to get a job.

  • New certifications, such as the CGRC, often lead to salary increases.
  • You may qualify for more advanced roles within your company.

Common Job Roles For CGRC

  • Information Systems Analyst
  • Cybersecurity Analyst 
  • Senior Project Manager IT
  • Information Security Manager 
  • Information Technology Auditor
  • Information Security Specialist
  • Cybersecurity Engineer
startup, meeting, brainstorming

CGRC is ideal for IT, information security, and information assurance practitioners and contractors who use the RMF in:

  • The U.S. federal government, such as the U.S. Department of State or Department of Defense

  • The military

  • Civilian roles, such as federal contractors

  • Local governments

  • Private sector organizations

Learn the best ethical hacking practices and techniques to prepare for the CGRC exam from experts with real-world experience in cyber security. Take your skills to the next level today!

Scroll to Top