Globally Recognized GRC Audit Certification
Get certified by the global nonprofit that invented GRC 20 years ago
What is the GRCA?
The GRC Auditor (GRCA) certification validates that you understand and can apply audit and assurance skills to evaluate established or planned GRC capabilities in your organization. It ensures that you have the versatile skill set to evaluate and report on the strengths and weaknesses in governance, strategy, performance management, risk management, compliance, ethics, internal control, security, privacy, and audit activities.
It is only available to those who hold a GRCP certification, which provides the necessary foundational GRC knowledge.
What does the GRCA Cover?
The GRCA is based on the essential body of knowledge used daily by GRC Professionals who provide assurance. With the help of hundreds of experts, this body of knowledge was identified, analyzed, and documented in the GRC Capability Model. The GRCA also relies on procedures documented in the GRC Assessment Tools guide and general audit and assurance concepts found in the public domain.
We recommend using these resources to prepare for the GRCA Exam
- GRC Capability Model ("Red Book") contains the essential body of knowledge for GRC. The GRCA focuses on the audit and assurance aspects of the GRC Capability Model.
- GRC Assessment Tools ("Burgundy Book") contains the essential body of knowledge for auditing the GRC Capability Model.
- GRC Audit Fundamentals is a self-study online course provided to deepen your understanding of the audit and assurance concepts addressed in the GRC Capability Model
- GRC Audit Fundamentals LIVE is offered by our global training partners to provide localized language, more context, and implementation examples.
While the exam does not require course attendance, most people who pass on the first attempt report that a course helped them pass.