Choose your path. Each one is a structured journey through hands-on rooms that build real GRC skills from the ground up.
Build your foundation in governance, risk, and compliance. Learn core concepts, key terminology, and how GRC frameworks work together.
Master risk identification, assessment, and mitigation strategies. Build and maintain enterprise risk registers and heat maps.
Deep dive into regulatory compliance workflows. Map controls to requirements, manage evidence, and prepare for audits.
Become fluent in NIST CSF, ISO 27001, SOC 2, HIPAA, PCI DSS, and CMMC. Cross-map controls and identify overlaps.
Prepare for and survive real audits. Practice evidence collection, gap analysis, remediation planning, and auditor communication.
Evaluate vendor security posture, manage questionnaires, score third-party risk, and build a vendor risk management program.