Certified in Governance Risk Management & Compliance (CGRC) Part 2


A comprehensive training course covering all the globally accepted Governance, Risk and Compliance frameworks, helping you emerge as a well-rounded GRC professional

Governance, Risk Management, and Compliance (GRC) are the three main pillars for reliably achieving organisational objectives, addressing uncertainty and acting with integrity. This course helps delegates understand how these pillars can be applied to drive higher levels of business performance and improve short, medium and long-term business sustainability.

Benefits of choosing the CGRC (Part 2) course


Highly comprehensive training course covering all aspects of Governance, Risk Management and Compliance.


Offers a detailed perspective into cybersecurity compliance requirements like ISO 27001, PCI DSS, HIPAA.


The perfect stepping stone into the high-paying career of a GRC professional.

Highlights of the CGRC (Part 2) course


7 comprehensive modules with several sub-sections covering key regulatory standards like ISMS, GDPR, HIPAA, PCI DSS, IT Act and SOX Act.


Self-assessment options after each module to reinforce learning.


Downloadable study material that you can use to reference and revise all the intensive learning.

  • Key Learning Objectives

      After completing the CGRC Part 2 course, you will be able to:
    • Articulate the basics of Risk Assessment, Risk Management and associated Methodologies and guidelines.
    • Offer a detailed explanation of the need and requirements of ISMS, PCI-DSS and ISO 27001:2013.
    • Properly understand what Business Continuity Planning and Disaster Recovery Planning are.
    • Explain what HIPAA is, its applicability, rules and requirements.

    • Understand and explain the basics of ITIL and its implementation.
    • Articulate the importance of GDPR, its objectives, definitions and principles, the rights of data subjects, and the violations and penalties involved.
    • Comprehend the fundamentals of Web Application architecture, OWASP, ESAPI security, Threat Modelling and Source Code Analysis in detail.
    • Enhance your knowledge of the Cyber Crime and Information Technology Act and the offences covered under it, with relevant case studies.
    • Understand and explain the importance and application of the Sarbanes Oxley Act, its extent and relevance.
  • Direct Downloads

    Directly download the full Learning Objectives of the course here

    Templates, Worksheets & Mind-maps

    When you enrol in this course you will have access to several worksheets and templates that you can use immediately. Take a look at the course curriculum, below, to see what's included in this course.

    The image immediately below is a gallery view of some of the templates and collateral available to students.

    Continuing Professional Development

    CPD points can be claimed for this course at the rate of 1 point per hour of training for this NCSC-certified and CIISec-approved course (8 points for one-day public course and 15 points for the two-day internal workshop - for when organisations host this course internally).

    CIPR Student-Only Incident Response Plan Template

    As a student you get access to unique content including our highly acclaimed Cyber Incident Response Plan Template. If you want, you can download the FREE version of the Incident Response Plan template here.

Example Curriculum

  Module 1: Risk Management & Governance
  Risk Management Quiz
  Module 2: Information Security Management System (ISMS)
  ISMS Quiz
  Module 3: General Data Protection Regulation (GDPR)
  GDPR Quiz
  Module 3, Part 2: Health Information Portability And Accountability Act (HIPAA)
  HIPAA Quiz
  Module 4: Payment Card Security Data Security Standards (PCI DSS)
  PCI DSS Quiz
  Module 5: Business Continuity Management System (BCM)
  BCM Quiz
  Module 6: Information Technology Infrastructure Library (ITIL)
  ITIL Quiz
  Module 7, Part 1: IT Act
  IT Act Quiz
  Module 7, Part 2: SOX Act
  SOX Act Quiz

Sign up and Start Today


Pay-in-full in your local currency (where available)


We take all major forms of payment and we use secure checkout.

Do you have immediate requirements in cybersecurity, governance, risk and compliance that need to be fulfilled in a short span of time? Check out our Virtual Cybersecurity Consultant service - a remote-only, full-service cyber consultancy service that offers 300+ services in over 15 cybersecurity domains.