Welcome to the Governance, Risk, and Compliance (GRC) Analyst Master Class. This class assumes no prior background knowledge and is setup to give you a full scope understanding and the practical skills needed to be an effective GRC Analyst.
Cybersecurity workforce development is focused on red team and blue team skills, but GRC is terribly underserved for training.
This course fills that gap by offering practical application of risk, audit, policy development, and security awareness skills needed for modern GRC analysts.
New Content Added September 2024! Login to the Academy to view the latest course updates, including:
A discussion of the new NIST CSF 2.0
Audit Interview Guide
GRC Analyst Master Class Course Objectives
In this course, we will cover:
An IT primer. While you don’t need to have prior IT experience, you will need to know some fundamental IT concepts to properly apply the GRC skills you learn.
GRC as an information security capability. If you are going to be a GRC analyst you need to understand how the role fits into the larger information security office and how it interfaces with the business.
Compliance and Audit work. A great starting point for any GRC analyst, we begin with why compliance exists and why businesses need it. We then deliver on the audit work around compliance and share a practical audit lab.
Practical Security Awareness. An often undervalued skill, you will learn how to make effective security awareness content that engages your end user community and reduces cyber risk. You will use a collection of tools to develop a security awareness briefing in a lab.
Cybersecurity risk. This is the bread and butter function of a GRC analyst and we spare no expense and going deep on this topic. You will learn what risk is and how to calculate it. We will assess risk in a lab to show you how you too can properly understand any business’s cybersecurity risk.
Instructional Governance work. Governance is critical to adoption and business buy-in. This section will teach you about policies, procedures, and standards. We cap it off by writing a policy from scratch in real time so you can too!
Getting a GRC Analyst Job. What good are these skills if you can’t get paid to use them. This section breaks down all the aspects of how to go about getting a GRC Analyst job.
It’s important to note the lecture videos are a collection of produced “lecture” style vides, and livestream “in-the-moment” style videos. Each has its own strength, but all of them will deliver value and excellence in the ultimate goal of understanding and executing as a GRC Analyst!
Who Should Take the GRC Analyst Master Class?
This course aims to prepare students for a career as a governance, risk, and compliance analyst. Anyone involved in security, compliance, or risk management will find valuable insights in this course.