The e Certified in Governance, Risk and Compliance (CGRC) certification is an objective measure of the knowledge, skills, and abilities required for personnel involved in the process of authorizing and maintaining information systems. This credential applies to those responsible for formalizing processes used to assess risk and establish security requirements and documentation. Their decisions will ensure that information system possess security commensurate with the level of exposure to potential risk, as well as damage to assets or individuals.
The CAP credential is appropriate for commercial markets, civilian and local governments, and the U.S. Federal Government, including the State Department and the Department of Defense. CGRC/RMF In this course, you will gain a thorough understanding of the new DoD authorization process as required by DoDI 8510.01, Risk Management Framework for DoD IT, 14 March 2014, and based on the new Committee of National Security Systems Instruction 1253 (CNSSI 1253), Security Categorization and Security Control Selection for National Security Systems (NSS), 27 March 2014, and the National Institute of Standards and Technology (NIST) Risk Management Framework (RMF). You will learn how to apply cost-effective and appropriate security controls based on risk and best practices. This highly interactive course provides actual examples of the key documents required to complete the RMF processes. This is an (ISC)2 training course.