A complete, free path through Governance, Risk, and Compliance.
Your GRC Track
Thirteen modules. 51 lessons. One coherent journey from foundations to interview-ready.
GRC Core Foundations
Understand what GRC is, how governance, risk, and compliance work together, and master the core vocabulary every interviewer tests.
NIST Cybersecurity Framework 2.0
Master the six functions, the four tiers, profiles, and how to run a gap assessment.
NIST AI Risk Management Framework
Understand AI-specific risk: Govern, Map, Measure, Manage, plus bias, transparency, and explainability.
ISO 27001
Master the ISMS, the Annex A controls, and the Statement of Applicability.
SOC 2
Master the five Trust Services Criteria and the difference between Type I and Type II.
PCI DSS
Master the 12 requirements, the merchant levels, and QSA, SAQ, and ROC.
SOX ITGC
Master IT General Controls, segregation of duties, and change management.
HIPAA and HITECH
Master the three rules and the three safeguards.
HITRUST
Understand the HITRUST CSF and why healthcare vendors pursue it.
Third-Party Risk Management
Master the vendor lifecycle and the SIG and CAIQ questionnaires.
Vulnerability Management
Master CVE, CVSS, the CISA KEV list, EPSS, and risk-based patching.
Cloud and Modern Security
Master the shared responsibility model, Zero Trust, and identity and access management.
Interview Mastery
Walk into any GRC interview calm and confident.