Here are some options for CGRC.
Thanks, but there is an error:
ISO 27001/ISO 27002 A Pocket Guide, 2nd Edition isn't published by McGraw-Hill. It's from IT Governance Publishing.
Looking forward to new editions that cover the 2022 editions of 27001/2
There is NO textbook for the CGRC exam.
These are the recommended reference materials to study.
Information Security Risk Management for ISO 27001/ISO 27002, 3rd Edition by Alan Calder, Steve Watkins. Publisher: IT Governance Publishing. (Aug, 2019).
ISO 27001/ISO 27002 A Pocket Guide, 2nd Edition by Chris Davis, Mike Kegerreis, Mike Schiller. Publisher: IT Governance Publishing. (Oct, 2013).
IT Auditing Using Controls to Protect Information Assets, 3rd Edition by Mike Kegerreis, Mike Schiller, Chris Davis. Publisher: McGraw-Hill Education. (Oct, 2019).
NIST FIPS-199, Standards for Security Categorization of Federal Information and Information Systems by U.S. Dept. of Commerce. (Feb, 2004).
NIST SP 800-115, Technical Guide to Information Security Testing and Assessment by Karen Scarfone, Murugiah Souppaya, Amanda Cody, Angela Orebaugh. (Sep, 2008).
NIST SP 800-137, Information Security Continuous Monitoring (ISCM) for Federal Information Systems and Organizations by Kelley Dempsey, Nirali Shah Chawla, Arnold Johnson, Ronald Johnston, Alicia Clay Jones, Angela Orebaugh, Matthew Scholl, Kevin Stine. (Sep, 2011).
NIST SP 800-160, Vol. 1, Systems Security Engineering: Considerations for a Multidisciplinary Approach in the Engineering of Trustworthy Secure Systems by Ron Ross, Michael McEvilley, Janet Carrier Oren. (Mar, 2018).
NIST SP 800-30, Rev. 1, Guide for Conducting Risk Assessments by Joint Task Force Transformation Initiative. (Sep, 2012).
NIST SP 800-37, Rev. 2, Risk Management Framework for Information Systems and Organizations: A System Life Cycle Approach for Security and Privacy by Joint Task Force Transformation Initiative. (Dec, 2018).
NIST SP 800-39, Managing Information Security Risk: Organization, Mission, and Information System View by Joint Task Force Transformation Initiative. (Mar, 2011).
NIST SP 800-53, Rev. 5, Security and Privacy Controls for Information Systems and Organizations by Joint Task Force Transformation Initiative. (Sep, 2020).
NIST SP 800-53B, Control Baselines for Information Systems and Organizations by Joint Task Force Transformation Initiative. (Oct, 2020).
NIST SP 800-60, Vol. 1, Rev. 1, Guide for Mapping Types of Information and Information Systems to Security Categories by Kevin Stine, Rich Kissel, William C. Barker, Jim Fahlsing, Jessica Gulick. (Aug, 2008).
NIST SP 800-70, Rev. 4, National Checklist Program for IT Products: Guidelines for Checklist Users and Developers by Stephen D. Quinn, Murugiah Souppaya, Melanie Cook, Karen Scarfone. (Sep, 2020).
NIST SP 800-88, Guidelines for Media Sanitization by Richard Kissel, Andrew Regenscheid, Matthew Scholl, Kevin Stine. (Dec, 2014).
And is this "CAP Official (ISC)2 Student Guide 6th Edition" valid for the CGRC exam?