GRC Skillternship: GRC Analyst in Action

Name: GRC Skillternship: GRC Analyst in Action
Rating: 4.4 (50 reviews)

Hands-On Training for Aspiring GRC Professionals

Bestseller

Created byAD Edwards

Last updated 2/2025

English

What you'll learn

Learn and apply key cybersecurity frameworks such as ISO 27001, NIST, PCI DSS, and HIPAA, which are foundational to regulatory compliance.
Work within SecureTech’s GRC team, developing governance structures and creating and updating policies that align with industry standards.
Assess SecureTech’s risks, scoring and strategizing mitigations for data breaches, third-party vulnerabilities, and compliance issues.
Gain practical experience with industry tools like SAP GRC, HIPAA One, RSA Archer, and AuditBoard through guided, real-world exercises.

Course content

6 sections • 73 lectures • 2h 13m total length

Introduction to the Team1:08
Welcome to SecureTech!0:32
GRC Course Lab Overview0:52
Company Background and Organizations Structure0:20

Week 1: Onboarding at SecureTech Solutions2:00
Understanding Your Role as a GRC Analyst1:24
GRC Framework Overview1:34
Key Clients and Regulations2:06
Achieving Compliance0:41
Simulated Team Collaboration1:52
Draft Your Own Meeting Request Email and Agenda
NIST Cybersecurity Framework4:35
Why the NIST Framework Works0:51
Explore How SecureTech Aligns with NIST Standards2:35
Implementing the NIST Cybersecurity Framework at SecureTech
Understanding the Critical Asset Inventory Task
Critical Asset Inventory Reflection0:50
Policy Review Assessment
Risk Assessment4:19
Hands-On Risk Assessment Simulation
Single Risk Prioritization
Compliance Monitoring Activity
Compliance Monitoring Walkthrough for ISO 27001 Compliance0:26
Video: Compliance Monitoring Walkthrough for ISO 27001 Compliance5:17
Submit Audit Findings
Welcome to Week 2!1:53
Introduction to GRC1:35
Overview of GRC Frameworks at SecureTech0:50
Video: Overview of GRC Frameworks at SecureTech4:53
GRC Framework Review
GRC Framework Review: Sample Summary1:49
PCI DSS0:59
Firewall Configuration for PCI DSS Compliance1:37
Video: Firewall Configuration for PCI DSS Compliance6:55
Firewall Configuration Table
Firewall Setup
PCI DSS Attestation of Compliance (AOC) Form1:36
Compliance Versus Validation of Compliance1:06
Attestation of Compliance (or AOC) Task Overview0:48
Video: Attestation of Compliance5:50
Generate a AOC for SecureTech
AOC Sample0:15
Risk and Compliance Tools4:52
Tool Selection Task Overview3:54
Compliance Tool Selection Project
Thank You for Your Submission: Tool Selection0:45
Week 6: Risk Mitigation and Incident Response1:11

Week 3: Establishing a Governance Framework0:33
Building a Strong Governance Framework1:00
Developing a Governance Structure for SecureTech2:57
Process for Developing a Governance Structure for SecureTech Solutions1:09
The Governance Charter0:18
Governance Charter
Governance Charter Review0:04
Introduction to SAP Business One0:50
Week 4: Data Protection and IAM Gaps5:23
Developing a Governance Structure for SecureTech2:16
Data Protection Policy0:07
Data Protection Policy Review
Recommendations on Data Protection Policy0:51

Week 5: Conducting Risk Assessments0:28
Risk Assessment Methodologies0:49
Introduction to Risk Assessment Methodologies1:36
Steps to Conduct a Risk Assessment1:07
Risk Assessment Heat Map1:13
Risk Matrix Sample0:01
Sample Risk Matrix and Sample Mitigation Plan0:20
Conducting a Risk Assessment
Scenario-Based Risk Assessment
Sample Mitigation Plan
Week 6: Risk Mitigation and Incident Response1:11
Developing a Mitigation Plan for Identified Risks1:37
Identified Risks and Mitigation Plan with Activities2:05
Case Study: Review and Critique of Real-World Incident Response Strategies1:19

Week 7: Ensuring Regulatory Compliance1:18
GDPR Compliance2:09
Introducing Jira for Compliance Management0:34
Example Compliance Tracking for Regulatory Obligations0:03
GDPR Compliance Tracking for SecureTech
Week 8: Compliance Auditing and Reporting1:50
Understanding Compliance Audits1:32
Types of Compliance Regulations and Audits2:49
ISO 27001 Interactivity
PCI DSS Compliance Audit for SecureTech
SecureTech’s Practices and ISO 27001 Gap Analysis
Samples of Identified Gaps1:11
Decision-Making on Prioritization
More Samples of a Justifications and Implementation Plan2:16
Submit Your ISMS Proposal
Sample ISMS Proposal0:05
Review of GDPR and Regulatory Compliance
Regulatory Compliance Tracking Document
ISO 27001 Implementation Plan
ISO 27001 Implementation Plan Sample0:01

Week 9: Developing a Comprehensive GRC Strategy0:21
Developing a Comprehensive GRC Strategy
Submission: Developing a Comprehensive GRC Strategy0:05
Week 10: Final Submission and Career Preparation
Reflection and GRC Strategy Proposal
Email: Final Submission and Future Contributions at SecureTech1:04
Farewell2:18
Congratulations on completing the GRC Skillternship course! Your commitment and hard work have paid off, and you’ve now gained valuable insights and skills in Governance, Risk, and Compliance.
You’ve tackled challenging assignments, explored frameworks like ISO 27001 and PCI DSS, and built foundational expertise that will serve you well in your career. Take pride in your accomplishments—they are a testament to your dedication to professional growth.

Requirements

No prior experience is needed!
Designed for beginners as well as professionals looking to transition into Governance, Risk, and Compliance (GRC).
Basic computer literacy (e.g., navigating spreadsheets and documents).
Access to a computer and a stable internet connection to complete online modules and tasks.

Description

Welcome to SecureTech Solutions’ 10-Week GRC Internship Experience! This skillternship provides an in-depth, hands-on journey into Governance, Risk, and Compliance (GRC) within cybersecurity, structured as a guided internship at SecureTech Solutions. Throughout these 10 weeks, participants will develop essential skills and practical knowledge that align with the day-to-day responsibilities of GRC professionals in the field.

During this program, you’ll be “on the job” at SecureTech Solutions, where you will:

• Learn and apply key cybersecurity frameworks such as ISO 27001, NIST, PCI DSS, and HIPAA, which are foundational to regulatory compliance.

• Work within SecureTech’s GRC team, developing governance structures and creating and updating policies that align with industry standards.

• Perform risk assessments on SecureTech’s operations, categorizing, scoring, and strategizing mitigations for risks such as data breaches, third-party risks, and regulatory compliance challenges.

• Gain hands-on experience with industry tools like SAP GRC, HIPAA One, RSA Archer, and AuditBoard through guided exercises that reflect the tools’ real-world usage.

Each week introduces tasks that build upon your previous knowledge and develop key competencies. Highlights include:

• Reviewing and refining SecureTech’s GRC policies and frameworks to address new regulatory and operational challenges.

• Conducting a risk assessment on a recent cybersecurity incident and preparing a risk mitigation plan for SecureTech’s leadership.

• Drafting and submitting GRC documents for review, from governance charters to data protection policies, as you progress through real-world-inspired scenarios.

• Preparing and presenting a final capstone project to SecureTech’s leadership, where you’ll develop a comprehensive GRC strategy that demonstrates your proficiency in GRC principles.

Ideal for individuals aiming to break into or advance in cybersecurity-focused GRC roles, this program equips you with the hands-on experience, critical thinking skills, and confidence to excel in the industry. By the end of this internship-style course lab, you will be well-prepared to step into GRC roles with a practical toolkit and a clear understanding of industry expectations.

Who this course is for:

Recent Graduates- Those with degrees in cybersecurity, information technology, or related fields seeking hands-on experience.
Career Changers- Professionals from other sectors interested in transitioning to GRC within cybersecurity.
Current Professionals- Individuals in cybersecurity or compliance roles aiming to enhance their GRC skills and knowledge.
Those pursuing internships or practical experience in the field of GRC.
Whether you're exploring career opportunities in compliance, risk management, or regulatory frameworks, this course offers hands-on insights and practical strategies.
Gain a clear understanding of GRC workflows and what it’s like to work in this growing and impactful industry.

GRC Skillternship: GRC Analyst in Action

What you'll learn

Explore related topics

Course content

Introduction4 lectures • 3min

Module 1: Introduction to GRC and Cybersecurity Frameworks30 lectures • 1hr 9min

Module 2: Governance and Policy Development11 lectures • 15min

Module 3: Risk Management Practices and Tools12 lectures • 12min

Module 4: Compliance Management and Tools11 lectures • 14min

Module 5: Capstone Project and Job-Ready Preparation5 lectures • 4min

Requirements

Description

Who this course is for: