The GRCA credential validates the candidate’s ability to:
- Introduction to the GRC Assessment Framework: Understand how to use the GRC Assessment Framework, its goals, and who can use the Framework.
- GRC Assurance Concepts: Become proficient in the key concepts and techniques related to providing assurance over GRC.
- GRC Audit and Assessment Method: Be able to perform assessments of GRC readiness, implementation, and maturity, and be proficient in the full process for providing assurance. Evaluate and provide assurance on governance, strategy, performance, risk management, compliance, ethics, security, privacy, internal control, and audit activities. Discuss the assurance element of the GRC Capability Model and outline how to apply the tools provided by the GRC Assessment Framework (referred to as the Burgundy Book) to address each aspect of the GRC capability.
- GRC Assessment Procedures: Be able to use and refer to specific risks, methods and expected information and documentation related to assessing GRC. Implement the GRC Assessment Framework for auditing GRC capabilities effectively. This includes an assessment design, performance and follow-up, in addition to a definition of an assessment planning workflow and the outline of key performance steps and evidentiary requirements leading to a valid, reliable report of findings and necessary follow-up.
- Sources of Information and Content Criteria: Be able to use different sources of information for performing assessments of GRC capabilities and be aware of what those sources should contain.
- Enhance Assurance Skills: Develop versatile assurance skills applicable across various GRC roles, not limited to traditional audit positions.
- Communicate Findings: Effectively report on the strengths and weaknesses of an organization's GRC activities to stakeholders.
Study Material
Course Outline
Day 1. Introduction to the GRCA
▪ Part I - GRC Assurance Concepts
o What is Assurance
o When is Assurance Needed
o What are Levels of Assurance
o Do Assurance Providers Need to be Independent
o What are Assurance Assessments
o Types of Assessments
o Assurance Risk Equation
o What are Ways to Gather Evidence
▪ Part II.A - GRC Assessment Method
o Assessment Planning
o Assessment Performance
o Collecting Assessment Information
o Forms of Assessment Communication
o The Confirmation Process
o Communicating the Results of an Assessment
o Monitoring the Implementation Status of Recommendations
o Reporting on the Follow-Up
▪ Part II.B - GRC Assessment Procedures
o LEARN Assessment Procedures
– L1. External Context
– L2. Internal Context
Day 2. Recap of Day 1 and Continuation
– L3. Culture
– L4. Stakeholder
o ALIGN Assessment Procedures
– A1. Direction
– A2. Objectives
– A3. Identification
– A4. Analysis
– A5. Design
o PERFORM Assessment Procedures
– P1. Controls
– P2. Policies
– P3. Communication
– P4. Education
– P5. Incentives
– P6. Notification
– P7. Inquiry
– P8. Response
o REVIEW Assessment Procedures
– R1. Monitoring
– R2. Assurance
– R3. Improvement
▪ Part II.C – Sources of Information and Content Criteria
▪ GRCA Exam Preparation and mock exam
▪ Questions & Answers
Language(s) of Instruction
English
NASBA CPE Credits
The program provides participants with 14 NASBA CPE Credits. To be awarded the full credits, participants must respond to at least one polling or live question every 50 minutes.
▪ Delivery Method: Group Live and Internet Based.
▪ Program Level: Intermediate.
▪ Prerequisites: Basic Business & GRC Knowledge.
▪ Advanced Preparation: None.