I just wondered if anyone else was doing this course at the moment. I'm working my way through it and finding it very interesting, as my background is more IT security (I've got my CISSP) than governance. But I'm struggling a little with the questions; most seem obvious, but I really can't understand some of them, and I can't find the answer when I go back over the material. When you get a question wrong, it doesn't tell you what the correct answer is, and I really want to know.    I'd just like to hear from others who are doing the course and how they are finding it. If you know a way of accessing the answer when you get a question wrong that would be great.   View More

Before I embark on the CISSP, I was wondering if getting the CGRC would make sense or is even recommended. I mainly work in the GRC area (doing policy work), and would like to get a more solid understanding of the different frameworks etc. I am thinking that getting a CGRC certification could help me here.    Does it make sense to attempt this certification without the knowledge & experience required for a CISSP?   Thanks for any guidance you may have.  View More

On June 15, 2024, ISC2 will update the CGRC exam. This exam update is the result of the Job Task Analysis (JTA), which is an analysis of the knowledge, skills and abilities of the credential evaluated by ISC2 members on a triennial cycle. The exam domain weights for the CGRC will change as follows:       Current (Effective August 15, 2021)  New (Effective June 15, 2024)  1  Information Security Risk Management Program  16%  Security and Privacy Governance, Risk Management, and Compliance Program  16%  2  Scope of the Information System  11%  Scope of the System  10%  3  Selection and Approval of Security and Privacy Controls  15%  Selection and Approval of Framework, Security, and Privacy Controls  14%  4  Implementation of Security and Privacy Controls  16%  Implementation of Security and Privacy Controls  17%  5  Assessment/Audit of Security and Privacy Controls  16%  Assessment/Audit of Security and Privacy Controls  16%  6  Authorization/Approval of Information System  10%  System Compliance  14%  7  Continuous Monitoring  16%  Compliance Maintenance  13%     Total:  100%  Total:  100%     For more information, please review our CGRC Exam Update FAQs or the CGRC Exam Outline.  View More

Hey there, Please provide references and official study materials for CGRC.     thanks!   View More

Looking for self study options for CGRC. I see a lot of folks asking for this, but very little action on the part of ICS2 to facilitate. Other than reading old CAP books and/or publicly available NIST documents, are there any other options? I am not interested in any form of instructor led "live" class. I'd be open to something similar to the CCSP online course. When, ISC2, will you provide more options for those of us who prefer to self study? View More