The (ISC)² Certified in Governance, Risk, and Compliance (CGRC™), previously known as Certified Authorization Professional (CAP®), teaches you the best practices, policies, and procedures used to authorize and maintain information systems. You will learn how to use the Risk Management Framework (RMF) to support your organization's operations while complying with legal and regulatory requirements.
The CGRC certification is sought after by civilian, state, and local governments, as well as system integrators supporting these organizations. Additionally, you will learn about the purpose of information systems security authorization, describing and deciding when systems authorization is employed, and defining systems authorization, roles, and responsibilities.
Upon boot camp completion, you will have a firm understanding of the legal and regulatory requirements for Assessment and Authorization (A&A), maintaining systems documentation, and much more. You will leave with the knowledge and skills necessary to earn your (ISC)² CGRC™ certification, which verifies your ability to set up the formal processes used to assess risk and establish security requirements.
The exam cost for the (ISC)² CGRC™ certification exam is included with your enrollment.
Our Certification Success Program, paired with our provided prep materials, boot camp sessions, and post-work, is designed to ease any concerns you may have when taking the certification exam. If your first attempt is unsuccessful, this program provides peace of mind that you may be eligible to take the certification exam a second time (if needed) at no additional fee.
*To qualify for a second certification exam voucher, students must:
- Attend at least 85% of each day of class
- Score a 90% or higher on their final practice exam
- Take the first exam within 90 days of class completion
- Upload your exam failure notice from your first exam attempt