(ISC)² Certified in Governance, Risk, and Compliance (CGRC)

Chapter 1: RMF-CGRC regulations, roles, and responsibilities

Module A: Introduction to RMF-CGRC
Module B: Cybersecurity policy regulations and framework
Module C: RMF-CGRC roles and responsibilities

Chapter 2: Risk analysis

Module A: Risk management
Module B: Risk assessment and the RMF process

Chapter 3: The RMF-CGRC process

Module A: CGRC Domain 1—Prepare
Module B: CGRC Domain 2—Categorize
Lab: RMF Step 1–CGRC Domain 2
Module C: CGRC Domain 3—Select
Lab: RMF Step 2–CGRC Domain 3
Module D: CGRC Domain 4—Implement Controls
Lab: RMF Step 3–CGRC Domain 4
Module E: CGRC Domain 5—Assess Controls
Lab: RMF Step 4–CGRC Domain 5
Module F: CGRC Domain 6—Authorize
Module G: CGRC Domain 7—Monitor Security Controls
Lab: RMF Step 6–CGRC Domain 7


Appendix A: Supplemental reference
Appendix B: RMF-CGRC review and steps checklists
Appendix C: Acronym reference
Appendix D: Answer key—Chapter 3 Labs

(ISC)2 Certified in Governance, Risk, and Compliance (CGRC) focuses on the Risk Management Framework prescribed by NIST Standards, as implemented according to the requirements of (ISC)2 CAP Certification. This course is current as of April 2022. It was revised in accordance with new and updated NIST publications over the preceding two years, including NIST Special Publication (SP) 800-37, R2; SP-800-53, R5; SP 800-160, versions 1 and 2; and SP 800-171, R1 (among others), and the (ISC)2 CGRC Certification Exam Outline, in compliance with the stringent requirements of ANSI/ISO/IEC Standard 17024.

NOTE: (ISC)² has updated the name of the Certified Authorization Professional (CAP) certification to Certified in Governance, Risk and Compliance (CGRC) effective February 15, 2023. The exam and training for this certification is not affected by the name change. The exam was last refreshed in August of 2021 and 30 Bird’s course titled (ISC)² Certified Authorization Professional (CAP) maps to that exam. To accommodate the name change, 30 Bird’s course titled (ISC)² Certified Authorization Professional (CAP) has been retired and replaced with (ISC)² Certified in Governance, Risk and Compliance (CGRC). None of the course content has changed as a result of name change.

For more information and access to the PowerPoint files, please e-mail sales@30bird.com.

To request the PowerPoints for this course, please e-mail sales@30bird.com.

(ISC)² Certified in Governance, Risk, and Compliance (CGRC)

  • Product Code: CGRC-R10-
  • Availability: In Stock
  • Days of Training: 5
  • $107.50

Build Your Solution

Tags: RMF, risk, management, framework, C&A, FISMA, DOD, IC, NIST, CAP, information, security, federal, defense, government, framework, CGRC