CGRC: Certified in Governance, Risk and Compliance - virtual



Course provider: Glasspaper AS
Location: Online course / Online study
Nationwide
Type: Online course and online study
Study / vocational education
Teaching hours:
Day 1, 10:00 - 16:00
Day 2 - 5, 09:00 - 16:00
Duration: 5 days
Price: 39.500
Next course: 30.09.2024

We provide a virtual course on CGRC: Certified in Governance, Risk and Compliance. Earn Your GRC Certification - Be a Governance, Risk and Compliance Leader! Capitalize on the rising demand for Governance, Risk and Compliance (GRC) expertise by earning the CGRC certification.

Course description:
The CGRC is a proven way to demonstrate your knowledge and skills to integrate governance, performance management, risk management and regulatory compliance within your organization. CGRC professionals utilize frameworks to integrate security and privacy within organizational objectives, better enabling stakeholders to make informed decisions regarding data security, compliance, supply chain risk management and more.

Course goals:
In this CGRC Certification and Training, you will learn how to:
• Create an Information Security Risk Management Programme
• Scope of the Information System
• Selection and Approval of Security and Privacy Controls
• Implementation of Security and Privacy Controls
• Assessment / Audit of Security and Privacy Controls
• Authorisation / Approval of Information System
• Perform Continuous Monitoring

Course content:
Module 1 - Information Security Risk Management Programme:
• Understand the foundation of an organisation's information security risk management programme
  » Principles of information security
• Understand risk management programme processes

Module 2 - Scope of the Information System:
• Define the information system
• Determine categorisation of the information system

Module 3 - Selection and Approval of Security and Privacy Controls:
• Identify and document baseline and inherited controls
• Select and tailor controls to the system
• Develop a continuous control monitoring strategy (e.g., implementation, timeline, effectiveness)
• Review and approve security plan/Information Security Management System (ISMS)

Module 4 - Implementation of Security and Privacy Controls:
• Implement selected controls

Module 5 - Assessment / Audit of Security and Privacy Controls:
• Prepare for assessment/audit
• Conduct assessment/audit
• Prepare the initial assessment/audit report
• Review initial assessment/audit report and perform remediation actions
• Develop final assessment/audit report
• Develop a remediation plan

Module 6 - Authorisation / Approval of Information System:
• Compile security and privacy authorisation/approval documents
• Determine information system risk
• Authorise / approve information system

Module 7 - Continuous Monitoring:
• Determine the impact of changes to information systems and the environment
• Perform ongoing assessments / audits based on organisational requirements
• Review supply chain risk analysis monitoring activities (e.g., cyber threat reports, agency reports, news reports)
• Actively participate in response planning and communication of a cyber event
• Revise monitoring strategies based on changes to industry developments introduced through legal, regulatory, supplier, security, and privacy updates
• Keep designated officials updated about the risk posture for continuous authorisation / approval
• Decommission information system

Target audience:
The CGRC is ideal for IT, information security and information assurance practitioners who work in Governance, Risk and Compliance (GRC) roles and have a need to understand, apply and/or implement a risk management program for IT systems within an organization, including positions like:
• Cybersecurity Auditor, Cybersecurity Compliance Officer
• GRC Architect, GRC Manager
• Cybersecurity Risk & Compliance Project Manager, Cybersecurity Risk & Controls Analyst, Cybersecurity Third Party Risk Manager
• Enterprise Risk Manager
• GRC Analyst, GRC Director
• Information Assurance Manager

Prerequisites:
To qualify for the ISC2 CGRC certification, you must:
• Pass the exam and
• Have at least two years of cumulative, paid work experience in one or more of the seven domains of the ISC2 CGRC Exam Outline.

Language:
• English course material, English-speaking instructor

Certification:
This course and its materials will help prepare you to take the CGRC – Governance, Risk and Compliance Certification.

IMPORTANT! The CGRC exam voucher is NOT included in this CC training.