ISC2 CGRC Practice Status

Apr 24, 2026

Track ISC2 CGRC practice status for Governance, Risk and Compliance Certification and request IT Mastery coverage.

On this page

Governance, Risk and Compliance Certification (CGRC) is ISC2’s GRC-focused credential for information security practitioners who support security risk management, system authorization, control assessment, and compliance maintenance.

This page tracks the CGRC practice-bank rollout for IT Mastery. Dedicated simulator practice is not live yet, but you can review the snapshot, exam domains, and related security routes while coverage is being prioritized.

CGRC snapshot

Vendor: ISC2
Official certification name: Governance, Risk and Compliance Certification
Exam code: CGRC
Exam format shown by ISC2: 125 items, multiple choice and advanced item types
Exam time shown by ISC2: 3 hours
Passing grade shown by ISC2: 700 out of 1000
Current IT Mastery status: full simulator not yet live

Topic coverage for CGRC practice

Domain	Weight
Security and Privacy Governance, Risk Management, and Compliance Program	16%
Scope of the System	10%
Selection and Approval of Framework, Security, and Privacy Controls	14%
Implementation of Security and Privacy Controls	17%
Assessment/Audit of Security and Privacy Controls	16%
System Compliance	14%
Compliance Maintenance	13%

ISC2 CISSP if you need broader enterprise security leadership
ISC2 CC if you need entry-level ISC2 security first
CompTIA Security+ for live foundational security practice

Official sources

ISC2 CGRC exam outline

Revised on Saturday, April 25, 2026

CCSP

CISSP

Browse Certification Practice Tests by Exam Family

ISC2 CGRC Practice Status

CGRC snapshot

Topic coverage for CGRC practice

Good related routes

Official sources