Governance, Risk, and Compliance Certification (CGRC™)
The ISC² Certified in Governance, Risk, and Compliance (CGRC™), previously known as Certified Authorization Professional (CAP®), teaches you the best practices, policies, and procedures used to authorize and maintain information systems. You will learn how to use the Risk Management Framework (RMF) to support your organization's operations while complying with legal and regulatory requirements.
What You Can Expect
- Online, immersive format
- 3 days of live, expert-led training
- Learn in a cohort of peers
- Limited seats per session
Who Should Enroll?
This boot camp is intended for current IT professionals, including information security officers, senior system managers, systems administrators, and information security professionals who use the RMF.
While anyone can enroll in this boot camp training course, you must have at least two years of professional experience in at least one of the seven domains listed in the (ISC)² CGRC™ Common Body of Knowledge (CBK) to qualify for full CGRC™ certification.
(ISC)² CGRC™ Training Boot Camp FAQs
Why should I earn the CGRC™ certification?
The CGRC™ certification, offered by (ISC)², verifies that a holder has the knowledge and skills to securely create, authorize, and maintain information systems within an organization. It is an especially important certification for those working in security risk management and the Risk Management Framework (RMF). Though it is a relatively new certification, coming on the scene in 2015, it is already well-known and highly regarded across the country.
What is GRC (Governance, Risk, and Compliance)?
GRC stands for governance, risk, and compliance. It is an acronym that was developed by the OCEG, originally called the Open Compliance and Ethics Group, and is the integrated capability of an organization to reliably achieve its objectives while addressing uncertainty and acting with integrity at all times.
What is the job demand for CGRC™ certified professionals?
The job outlook for CGRC™ certification holders is extremely good overall, but some areas, such as Washington D.C. and Virginia, have even more jobs than others. CGRC™ is a certification that is highly recognized by both private and government organizations. The United States federal government and the Department of Defense are among the largest organizations hiring Certified Authorization Professionals currently.
What salary can I expect with my CGRC™ certification?
The United States national average salary of CGRC™ certification holders to be $192,585 according to Salary.com. This is nearly double early estimates for the certification due to high demand and the advanced security roles that CGRC™ certification holders are able to obtain after earning certification.
How long is the CGRC™ certification valid after passing the exam?
Your certification is valid for three years and will need to be renewed at the end of this period. To ensure that your skills remain up to date, you must earn 45 CEUs during each three-year renewal period and pay an annual $125 maintenance fee.
What are common job titles for CGRC™ certification holders?
Common positions for CGRC™ certification holders include information security risk manager, IT risk manager, information systems auditor, chief information security officer, information assurance engineer, information systems manager, IT security manager, authorization specialist, security consultant, cybersecurity engineer, and cybersecurity analyst.