Organizations that must adhere to regulations for data security, financial accountability and consumer privacy increasingly find it difficult to do without someone to make sure internal processes are being carried out properly. This is exactly where the need for competent governance, risk, and compliance (GRC) professionals arises. The goal of GRC is to ensure that proper policies and controls are in place to reduce risk, to set up a system of checks and balances to alert personnel when new risks materialize and to manage business processes more efficiently and proactively. All kinds of job roles including CIO, IT security analyst, security engineer or architect, information assurance program manager and senior IT auditor require or benefit from a GRC certification. Read on to learn about some top GRC certifications.
Certified in the Governance of Enterprise IT (CGEIT)
Provided by ISACA, the CGEIT certification recognizes IT professionals who have not only deep knowledge of enterprise IT governance principles and practices but also the ability to enhance value to the organization through governance and risk optimization measures and to align IT with business strategies and goals. More than 7,000 individuals have achieved the CGEIT credential through ISACA since the program started.
To earn the CGEIT credential, one needs to pass a four-hour exam of 150 questions covering five domains. The domains are Framework for the Governance of Enterprise IT, Strategic Management, Benefits Realization, Risk Optimization and Resource Optimization. The exam costs $525 for ISACA members or $760 for non-members.
To qualify for the CGEIT, one must have at least five years of cumulative work experience in IT enterprise governance, including at least one year defining, implementing and managing a governance framework. Candidates must also adhere to the ISACA Code of Professional Ethics and comply with the CGEIT Continuing Education Policy.