Help
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Yusuf
Reader II
‎05-19-2023 08:56 PM
‎05-19-2023 08:56 PM

A Concise Guide to the Certified in Governance, Risk, and Compliance (CGRC) Exam

As many of you have reached out to me asking about the resources I used to prepare for the Certified in Governance, Risk, and Compliance (CGRC) exam, and given the noticeable lack of resources or guidance in this area, I've decided to put together a concise guideline to assist you in your journey towards CGRC certification.

 

https://www.linkedin.com/pulse/concise-guide-certified-governance-risk-compliance-cgrc-yusuf-purna

 

It is my sincere hope that you will find this guide useful and insightful, and it will serve as a roadmap to ease your preparation process.

 

 

Reply
6 Replies
gil600221
Newcomer I
‎05-23-2023 02:08 AM
‎05-23-2023 02:08 AM

I was hoping and expecting a downloadable PDF file, but I guess not? Thanks for your page on this pertinent information anyways?

 

Gilbert

CySA+, SSCP, MCP, IT

Reply
JRock94
Newcomer I
‎05-23-2023 08:47 AM
‎05-23-2023 08:47 AM

Excellent writeup Yusuf!

Reply
ericgeater
Community Champion
‎05-23-2023 09:12 AM
‎05-23-2023 09:12 AM

Thanks, Yusuf!  I appreciate your submission.  Also, congratulations on passing the CGRC!  I saw that in your LI profile.  

-----------
A claim is as good as its veracity.
Reply
Akdxb
Viewer III
‎06-03-2023 09:44 AM
‎06-03-2023 09:44 AM

Thaniks for the information

Reply
1Purplenut
Newcomer I
‎07-05-2024 08:32 PM
‎07-05-2024 08:32 PM

This is great information.  I have been working with the federal government as an ISSO for 15+ years working with policy & compliance.  I would suggest adding NIST 800-171 for non-government systems to this list.  Now that we are doing more cloud systems at my agency, when the vendors do not have FedRAMP authorization we ask them to provide a self-assessment based on NIST 800-171.  This gives us somewhere to start because for some of them this whole security control thing is new, and it provides at least some guidance for them as to what we expect.  NIST 800-53, 53A (Assessment), and 53B (Baselines) are great and there is a ton of good information there, but federal agencies do require more than the private sector and that deep of an understanding may or may not be needed for the exam.  However, if you have that level of understanding the test would/will be easier to pass.  Just my 2 cents.  Oh, and you should definitely know the regulations/references by name and number.

Reply
0 Kudos
1Purplenut
Newcomer I
‎07-05-2024 08:37 PM
‎07-05-2024 08:37 PM

There is probably a ton of information and .pdf type stuff for the CAP certification and that would serve as a good base for this information.  You could start with that and build from there.  The best way to learn the information is to work with it so if you could get an internship or a detail to a position that deals with Governance, Risk and Compliance you could learn on the job.

Reply
0 Kudos