ISC2 Certified in Governance, Risk & Compliance (CGRC®) Certification Training Boot Camp
Learn how to maintain and authorize information systems within the NIST Risk Management Framework (RMF). You’ll leave this boot camp with the knowledge and domain expertise needed to pass the Certified in Governance, Risk and Compliance (CGRC) exam the first time you take it.
What you'll learn
Training overview
Infosec’s CGRC Boot Camp teaches you best practices, policies and procedures used to authorize and maintain information systems. You’ll learn how to use the RMF to support your organization’s operations while complying with legal and regulatory requirements.
The ISC2 Certified in Governance, Risk and Compliance (CGRC) certification is sought after by civilian, state and local governments, as well as system integrators supporting these organizations. You’ll leave with the knowledge and skills necessary to earn your ISC2 CGRC certification, which verifies your ability to set up the formal processes used to assess risk and establish security requirements.
What's included
Everything you need to know about Governance, Risk and Compliance Certification (CGRC)
- 90-day extended access to Boot Camp components, including class recordings
- 100% Satisfaction Guarantee
- Exam Pass Guarantee
- Exam voucher
- Free 90-day Infosec Skills subscription (access to 1,400+ additional courses and labs)
- Knowledge Transfer Guarantee
- Pre-study learning path
- Unlimited practice exam attempts
Syllabus
ISC2 CGRC Training schedule
Day 1
Introduction
Risk Management Framework
- Understanding the Risk Management Framework
- Categorization of information system
- Selection of security controls
- Security control implementation
- Security control assessment
- Information system authorization
- Monitoring of security controls
Risk Management Framework continued
Optional group & individual study
Schedule may vary from class to class
Day 2
Categorize information system
- Information system
- System security plan
- Categorize a system
- National security system
- Privacy activities
- System boundaries
- Register system
Select security controls
- Establish the security control baseline
- Common controls and security controls inheritance
- Risk assessment as part of the Risk Management Framework (RMF)
Optional group & individual study
Schedule may vary from class to class
Day 3
Implement security controls
- Implement selected security controls
- Tailoring of security controls
- Document security control implementation
Assess security controls
- Prepare for security control assessment
- Establish security control assessment plan (SAP)
- Determine security control effectiveness and perform testing
- Develop initial security assessment report (SAR)
- Perform initial remediation actions
- Develop final security assessment report and addendum
Authorize information system
- Develop plan of action and milestones (POAM)
- Assemble security authorization package
- Determine risk
- Determine the acceptability of risk
- Obtain security authorization decision
Monitor security state
- Determine security impact of changes to system and environment
- Perform ongoing security control assessments
- Conduct ongoing remediation actions
- Update key documentation
- Perform periodic security status reporting
- Perform ongoing risk determination and acceptance
- Decommission and remove system
Optional group & individual study
Schedule may vary from class to class
What makes the Infosec CGRC prep course different?
You can rest assured that the GRC training and certification materials are fully updated and synced with the latest version of the exam. In addition, you’ll gain access to a CGRC prep course the moment you enroll, so you can prepare for and get the most out of your boot camp.
With 20 years of training experience, we stand by our CGRC ISC2 training with an Exam Pass Guarantee. This means if you don’t pass the exam on the first attempt, we’ll pay for your second exam at no additional cost to you!
Infosec success stories
"The team at Infosec was great from the start, and they were as excited about my journey as I was. They explained the value behind each training I was considering and how it could further my goals. Their enthusiasm was a great motivation throughout the boot camp."
Elle Autumn
EC-Council Certified Ethical Hacking Course: CEH Certification Training Boot Camp Read Elle's Story
"Infosec has uniquely prepared me for any CMMC retraining that will take place inevitably in the future. With them, it’s not just about completing the certification; it's about being a true contributor to the ecosystem."
James Ahern
Certified CMMC Assessor (CCA) Boot Camp Read James's Story
"The hands-on training was the best part. You have an instructor you can actually reach out to and ask questions — not only on the material, but also about things out in the wild with cybersecurity."
Eddie Quinones
CompTIA Security+ Certification Training Boot Camp Read Eddie's Story
"The Infosec CISM Boot Camp gave me the ability to intelligently explain why I'm making a decision. Ultimately, the C-suite is happy and they know, 'Hey, here's a person that we can rely on."
Mohammad Mirza
ISACA Certified Information Security Manager (CISM) Training Boot Camp Read Mohammad's StoryGuaranteed results
Our Boot Camp guarantees
Exam Pass Guarantee
If you don’t pass your exam on the first attempt, get a second attempt for free. Includes the ability to re-sit the course for free for up to one year (does not apply to CMMC-AB Boot Camps).
100% Satisfaction Guarantee
If you’re not 100% satisfied with your training at the end of the first day, you may withdraw and enroll in a different online or in-person course.
Knowledge Transfer Guarantee
If an employee leaves within three months of obtaining certification, Infosec will train a different employee at the same organization tuition-free for up to one year.
Who should attend
- Information system security officers
- Senior system managers
- System administrators
- IT and information security professionals who use the RMF
- Anyone looking to learn more about the NIST-based information systems security authorization process
Before your Boot Camp
Prerequisites
Award-winning training you can trust
Available scheduled dates
Meets 8570.1 requirements
Attention DoD Information Assurance workers! This boot camp helps meet U.S. Department of Defense Directive 8570.1 requirements for department employees or contractors engaged in work related to information security.
Why choose Infosec?
Category
Infosec
SANS Institute
Training Camp
Global Knowledge (Skillsoft)
AI-powered, hands-on skill validation
12 Roles
Integrated for all roles
90 days
*Protects your investment if trained employees leave within three months of obtaining certification (Infosec will train a different employee at the same organization tuition-free for up to one year).
Explore our top boot camps
