CGRC – Governance, Risk and Compliance Certification
CGRC – Governance, Risk and Compliance Certification
CGRC – Governance, Risk and Compliance Certification
The Certified in Governance, Risk and Compliance (CGRC) exam is developed for candidates working as information security practitioner. They serve as advocates for security risk management, aiming to secure information system authorization to uphold an organization's mission and operations while adhering to legal and regulatory standards.
Experience Required
The candidates taking the CGRC – Governance, Risk and Compliance Certification exam are required to have at least 2 years cumulative work experience in one or more of the seven domains of the CGRC CBK.
Course Outline
The CGRC – Governance, Risk and Compliance Certification exam covers the following topics
- Domain 1 - Understanding Information Security Risk Management Program (16%)
- Domain 2 - Overview of Scope of the Information System (11%)
- Domain 3 - Knowledge of Selection and Approval of Security and Privacy Controls (15%)
- Domain 4 - Understanding to implement of Security and Privacy Controls (16%)
- Domain 5 - Knowledge of Assessment/Audit of Security and Privacy Controls (16%)
- Domain 6 - Learn about Authorization/Approval of Information Systems (10%)
- Domain 7 - Overview of Continuous Monitoring (16%)
Exam Format and Information
| Exam Name Governance, Risk and Compliance Certification | Exam Code CGRC |
| Exam Duration 3 hours | Exam Format Multiple Choice and Multi-Response Questions |
| Exam Type Security | Number of Questions 125 Questions |
| Eligibility/Pre-Requisite As suggested* | Exam Status Live |
| Exam Language English | Passing Score 700 out of 1000 points |