I've registered for the CGRC exam in March 2024. I've bought and read the Official (ISC)2 Guide to the CAP CBK 2nd Edition. The publisher information for the guide on Amazon says it was published in 2016, but the copyright notice in the book itself says 2013 (and a lot of the text uses terminology, examples, and references dating from the mid-2000s).
ISC2's web page for CGRC training includes a link for self study tools such as "official text books", "official study guides", and "official practice tests". But when I click on "Learn More", all I find are flashcards (I've downloaded these, but studying flashcards is not my preferred study method) and an online study group (which hardly seems like a self study option).
Are there any current (like, in the past 3-5 years) books, guides, or official practice exams? Is there a published CAP/GRC CBK?
Thanks.
Mike
Greetings. Recently, @emb021 posted a good list of material on this thread. Largely, CGRC is covered by the standards created by NIST and ISO (leaning more heavily on the NIST material, by the way), so you should develop a strong familiarity with the Special Publications.
You'll find that the thread mimics much of what appears on this ISC2 link.
Good luck!
Thanks. I knew I was going to have to get into the NIST SPs, but I was hoping for some summary guides first. As for ISC2's suggested resources, it's out of date (it cites superseded versions of documents; the one cited summary guide is a decade old).
Is there no summary of what ISC2 considers the CBK to be so I have an idea what to focus on in the SPs? How much do I have to know about the ISO 27001 (which has been revised since the latest summary guide was published)?
I was hoping I could get through just by reading, like I did with CISSP and CCSP. Are the one-week online courses worthwhile? Has anyone taken one in North America/Canada?
Mike
I think studying NIST SP 800-37 r2 a couple of times should be enough because it covers all other publications required to pass the exams. You can also go to YouTube and search for GRACESUFF IT SOLUTIONS; there is a summary of all the domains that will really help for the exams.
Thanks.
Hi.
I am looking for the same. The best thing I found was this: A Concise Guide to the Certified in Governance, Risk, and Compliance (CGRC) Exam | LinkedIn, but I couldn't find any recent course books.
Actually, I bought the training and there is an "Official CGRC textbook 7th edition" but only in VitalSource - which is extremely limiting. I'm old school and cannot stand reading on a digital device. The new training is horrible - no way to really find out what you did wrong on a question for prep - it's just not a good situation. Anyway, the lessons actually state "A full list of design principles can be found in the textbook" and VitalSource only shows it to be about 75 pages or so - how hard would it be to get a printed copy of this to work from?