The Certified in Governance, Risk, and Compliance (CGRC) Training Course, previously known as the Certified Authorization Professional (CAP) Training Course, offered by InfosecTrain effectively showcases your expertise in blending governance, performance management, risk management, and regulatory compliance in your organization. This course employs various frameworks to incorporate security and privacy in line with organizational goals, thus empowering stakeholders to make knowledgeable choices about data security, compliance, managing risks in the supply chain, and other related areas.
Why Choose 1-on-1 Training
Customized schedule
Learn at your dedicated hour
Instant clarification of doubt
Guaranteed to run
Flexibility, Convenience & Time Saving
More Effective Learning
Cost Savings
Anytime, Anywhere – Across The Globe
InfosecTrain’s CGRC: Certified in Governance, Risk, and Compliance Training Course is a comprehensive program tailored to showcase participants’ competence in effectively integrating governance, performance management, risk management, and regulatory compliance into the organization’s operations. This course comprehensively covers seven essential domains, beginning with the development of a robust information security risk management program. Following this, it thoroughly explores defining the scope of the information system. Participants are then skillfully guided through the processes of selection and approval of security and privacy controls, along with their effective implementation. A significant emphasis is placed on the assessment and audit of these controls to ensure their efficacy.
The course further delves into the authorization and approval processes pertinent to information systems and concludes with detailed strategies for continuous monitoring. This curriculum is meticulously crafted to provide participants with a holistic understanding of how governance, risk, and compliance are integrated within an organizational framework, making it an indispensable course for professionals striving to master these critical domains.
InfosecTrain is a leading IT security training and consulting organization offering best-in-class yet cost-effective, customized training programs to enterprises and individuals across the globe. We offer role-specific certification training programs and prepare professionals for the future. Our CGRC: Certified in Governance, Risk, and Compliance Training Course employs various frameworks to incorporate security and privacy in line with organizational goals, thus empowering stakeholders to make knowledgeable choices about data security, compliance, managing risks in the supply chain, and other related areas.
Here’s what you get when you choose InfosecTrain as your learning partner:
Exam Duration | 3 Hours |
Number of Questions | 125 |
Exam Format | Multiple-choice |
Passing Score | 700 out of 1000 |
Exam Language | English |
You will be able to:
Domain 1: Information Security Risk Management Program (16%)
1.1: Understand the Foundation of an Organization Information Security Risk Management Program
1.2: Understand Risk Management Program Process
1.3: Understand Regulatory and Legal Requirements
Domain 2: Scope of the Information System (11%)
2.1: Define the Information System
2.2: Determine Categorization of the Information System
Domain 3: Selection and Approval of Security and Privacy Controls (15%)
3.1: Identify and Document Baseline and Inherited Controls
3.2: Select and Tailor Controls to the System
3.3: Develop a Continuous Control Monitoring Strategy (e.g., Implementation, Timeline, Effectiveness)
3.4: Review and Approve Security Plan/Information Security Management System (ISMS)
Domain 4: Implementation of Security and Privacy Controls (16%)
4.1: Implement Selected Controls
4.2: Document Control Implementation
Domain 5: Assessment/Audit of Security and Privacy Controls (16%)
5.1: Prepare for Assessment/Audit
5.2: Conduct Assessment/Audit
5.3: Prepare the Initial Assessment/Audit Report
5.4: Review the Initial Assessment/Audit Report and Perform Remediation Actions
5.5: Develop Final Assessment/Audit Report
5.6: Develop Remediation Plan
Domain 6: Authorization/Approval of Information Systems (10%)
6.1: Compile Security and Privacy Authorization/Approval Documents
6.2: Determine Information System Risk
6.3: Authorize/Approve Information System
Domain 7: Continuous Monitoring (16%)
7.1: Determine the Impact of Changes to the Information System and Environment
7.2: Perform Ongoing Assessments/Audits Based on Organizational Requirements
7.3: Review Supply Chain Risk Analysis Monitoring Activities (e.g., Cyber Threat Reports, Agency Reports, News Reports)
7.4: Actively Participate in Response Planning and Communication of a Cyber Event
7.5: Revise Monitoring Strategies Based on Changes to Industry Developments Introduced Through Legal, Regulatory, Supplier, Security and Privacy Updates
7.6: Keep Designated Officials Updated About the Risk Posture for Continuous Authorization/Approval
7.7: Decommission Information System
17+ Years Of Experience
CISSP-ISSAP | CCSP | CSSLP | CCISO | CISM | CISA | CRISC | CGEIT | CIPM | CIPPE | CDPSE
17+ years of experience in the Information Technology industry with specialization in Information Security.
A distinguished Information Security professional with comprehensive knowledge across all domains of Information Security. Expertise ranges from Vulnerability Assessment & Penetration Testing to Application Security, and encompasses Security Solutions as well as IT Governance, Risk & Compliance.
The training was awesome. Helped me clear my concepts and also reduced my preparation time to 1/3rd. Thank you, trainer, for all your dedication to bring your gladiators to pace.
The trainer is a great presenter/tutor and teaches in a relaxing manner. His sense of humor and honesty about the task ahead for the newbie help make the challenging subject matter accessible. Thank you very much! I had been looking forward to this worksh...
I loved the training. Coming for more soon. The trainer is easily reachable and helpful. I loved the staggered payment option given.
I must say the admin team is excellent and punctual. The trainers are actually the nerve of the team and know how to engage with the students across all the topics.
Thoroughly enjoyed the course and the continuous support from the entire team.
It was a good experience. Looking forward to career growth with Infosectrain. Thank you
Really interesting courses are delivered by really knowledgeable instructors. Worth the fees
Yes, CGRC (Certified in Governance, Risk, and Compliance) was previously known as the Certified Authorization Professional (CAP) certification.
The targeted audience for the CGRC certification includes
The prerequisites for enrolling in the CGRC training course are
The CGRC course curriculum covers 7 key domains, which include:
The CGRC certification program is recognized and follows standards like ANAB and ISO/IEC 17024.
The CGRC exam is a 3-hour test with 125 multiple-choice questions. The passing grade is 700 out of 1000 points, and the exam is conducted in English at Pearson VUE Testing Centers.
The passing score is 700 out of 1000 points.
Yes, you can access course materials and resources after completing the CGRC certification training.
The CGRC certification is valid for three years. Holders must comply with Continuing Professional Education (CPE) policies and pay a yearly maintenance fee. The renewal process involves satisfying the CAP CPE requirement and paying the annual maintenance fee (AMF), which is $125 for members and $50 for associates.
For further questions or assistance regarding the CGRC certification program, you can contact InfosecTrain’s service and support team.