(ISC)2 Certified in Governance, Risk, and Compliance (CGRC) focuses on the Risk Management Framework prescribed by NIST Standards, as implemented according to the requirements of (ISC)2 CAP Certification. This course is current as of April 2022. It was revised in accordance with new and updated NIST publications over the preceding two years, including NIST Special Publication (SP) 800-37, R2; SP-800-53, R5; SP 800-160, versions 1 and 2; and SP 800-171, R1 (among others), and the (ISC)2 CGRC Certification Exam Outline, in compliance with the stringent requirements of ANSI/ISO/IEC Standard 17024.
NOTE: (ISC)² has updated the name of the Certified Authorization Professional (CAP) certification to Certified in Governance, Risk and Compliance (CGRC) effective February 15, 2023. The exam and training for this certification is not affected by the name change. The exam was last refreshed in August of 2021 and 30 Bird’s course titled (ISC)² Certified Authorization Professional (CAP) maps to that exam. To accommodate the name change, 30 Bird’s course titled (ISC)² Certified Authorization Professional (CAP) has been retired and replaced with (ISC)² Certified in Governance, Risk and Compliance (CGRC). None of the course content has changed as a result of name change.
Chapter 1: RMF-CGRC regulations, roles, and responsibilities
Module A: Introduction to RMF-CGRCModule B: Cybersecurity policy regulations and framework Module C: RMF-CGRC roles and responsibilities
Chapter 2: Risk analysis
Module A: Risk managementModule B: Risk assessment and the RMF process
Chapter 3: The RMF-CGRC process
Module A: CGRC Domain 1—PrepareModule B: CGRC Domain 2—Categorize Module C: CGRC Domain 3—Select Module D: CGRC Domain 4—Implement Controls Module E: CGRC Domain 5—Assess Controls Module F: CGRC Domain 6—Authorize Module G: CGRC Domain 7—Monitor Security Controls
Candidates must have a minimum of 2 years cumulative paid full-time work experience in 1 or more of the 7 domains of the CAP CBK.
If you do not have the required experience, you may still sit for the exam and become an Associate of (ISC)² until you have gained the required experience.
Duration3 Days | 6 Nights
*Academic Unit eligibility to be determined by college/university in which you are enrolled in a degree seeking program.