Certified in Governance Risk and Compliance/Risk Management Framework

The CGRC certification ensures that information security specialists can demonstrate knowledge of the 7 domains of CGRC, the 6 steps of RMF. The Risk Management Framework (RMF) and Certified in Governance Risk and Compliance (CGRC) courses can be bundled as one or taught individually. RMF is a set of standards and policies developed by the National Institute of Standards and Technology (NIST). RMF is followed by all federal government and its independent contractors to maintain compliance with legal practice of authorization and maintenance.


  • Extensive experience in any of the following:
  • IT Security
  • Information Risk Management
  • Systems Administration

Experience Requirements

  • Minimum of two years of cumulative paid work experience in one or more of the seven domains of CGRC Common Body of Knowledge (CBK).

Learning Objectives

  • Understanding of security laws, regulations, and policies
  • Understanding of the 6 steps of Risk Management Framework:
    • Categorizing Systems
    • Selecting Controls
    • Implementing Controls
    • Assessing Controls
    • Authorizing Controls
    • Monitoring Controls
  • Understanding of the 7 domains of CGRC:
    • Risk Management Framework (RMF)
    • Categorization of Information Systems
    • Selection of Security Controls
    • Security Control Implementation
    • Security Control Assessment
    • Information System Authorization
    • Monitoring of Security Controls

Training Dates

Cybersecurity Training Center offers flexible training dates to fit your schedule. You can contact us through email, chat, or by phone to set up a date and time to attend the lessons and take your examination.

Sign up For a free webinar:
Career Opportunities with Power Platform and SharePoint Certifications


“Microsoft Power Platform is an inclusive technology. Its ease-of-use creates a culture of innovation, helping you realize untapped value you couldn’t access before.”

By submitting this form, you are consenting to receive marketing emails from: Cybersecurity Training Center, 1335 Rockville Pike, Rockville, MD, 20852, https://www.cybersectc.com. You can revoke your consent to receive emails at any time by using the SafeUnsubscribe® link, found at the bottom of every email. Emails are serviced by Constant Contact