(ISC)2 CGRC – Certified in Governance, Risk and Compliance
Certified in Governance, Risk and Compliance (CGRC) cybersecurity professionals have the knowledge and skills to integrate governance, performance management, risk management and regulatory compliance within the organization while helping the organization achieve objectives, address uncertainty and act with integrity. CGRC professionals align IT goals with organizational objectives as they manage cyber risks and achieve regulatory needs. They utilize frameworks to integrate security and privacy with the organization’s overall objectives, allowing stakeholders to make informed decisions regarding data security and privacy risks.
Earning the CGRC certification is a proven way to build your career and demonstrate your expertise to employers that you have the advanced technical skills and knowledge to manage risk, ensure compliance, authorize, and maintain information systems within an organization.
The CGRC exam evaluates your expertise across seven security domains. These domains cover the topics you need to master to be confidently ready to take the exam. The domains are Information Security Risk Management Program, Scope of the Information System, Selection and Approval of Security and Privacy Controls, Implementation of Security and Privacy Controls, Assessment/Audit of Security and Privacy Controls, Authorization/Approval of Information System, and Continuous Monitoring.
CGRC is beneficial for Security Control Assessors, Auditors, Information Security Analyst, Cybersecurity Analyst, Information System Security Officer, Compliance Analyst, Risk Analyst, Risk Manager, Information System Security Manager, Chief Information Security Officer, and Contractors in the government agencies and private sector organizations.
Prove your skills, advance your career, and gain support from a community of cybersecurity leaders to help you throughout your professional journey.