GRC Programs | Build ISO 27001-Aligned Portfolio Pieces

Choose the GRC Program That Fits Where You Are

Build Practical GRC Portfolio Pieces Aligned with ISO/IEC 27001

Move beyond certificates and begin building work you can show, explain, and defend.

Start with one practical risk register or build a complete, connected GRC portfolio using a realistic company scenario. No coding experience is required.

Start with One GRC Portfolio Piece

Build your first practical risk register independently or choose the Sprint if you want feedback on your completed work.

GRC Risk Register Starter

Build your first practical risk register independently.

$97

You receive

  • Self-paced lessons
  • A realistic company scenario
  • Risk Register template
  • Risk Treatment Plan template
  • Leadership Summary template
  • Step-by-step instructions

Feedback: Not included

Digital badge: Not included

Explore the Starter · $97

GRC Risk Register Sprint

Build the same practical risk register and receive one structured feedback pass on your completed work.

$197

You receive

  • Everything included in the Starter
  • One review of your completed Risk Register
  • Feedback on your risk statements and scoring
  • Feedback on your treatment decisions
  • Guidance on what to correct before using the work in your portfolio

Plan for about 5 focused hours, completed in one sitting or spread across a few days.

Purchases made between July 12 and July 22 will receive feedback beginning July 23, 2026.

Feedback: One structured feedback pass

Digital badge: Not included

Explore the Sprint · $197

Build the Complete GRC Portfolio

Build a full set of connected GRC portfolio pieces through self-study or join the guided option for feedback, accountability, and support.

GRC Portfolio Studio Self-Study

Build the complete GRC portfolio independently and at your own pace.

$397

You receive

  • The complete Studio curriculum
  • One realistic company scenario
  • Portfolio templates
  • Step-by-step guidance
  • Resume and LinkedIn positioning support
  • Interview preparation
  • Eligibility to earn the GRC Portfolio Studio digital badge after completing the required work

Feedback: No regular personal feedback

Digital badge: Available after meeting the Studio completion requirements

Explore Self-Study · $397

You do not need to complete the Starter or Sprint before joining the full Studio. If you begin with one of them, join the Studio within 14 days and your full payment is credited toward it.

What You Build in the Complete Studio

The complete GRC Portfolio Studio helps you develop a connected set of professional portfolio pieces, including:

01

Risk Register and Risk Treatment Plan

Identify, assess, prioritize, and respond to information security risks.

02

Control Mapping and Statement of Applicability

Connect risk decisions to appropriate controls and document why those controls apply.

03

Security Policy or Procedure

Turn security expectations into clear documentation people can follow.

04

Vendor Risk Review

Review a third party and make a recommendation you can explain and defend.

05

Audit Evidence and Remediation Tracker

Organize evidence, document gaps, and track corrective actions.

06

Executive GRC Summary

Present important risks, findings, and recommendations clearly to leadership.

Together, these portfolio pieces help you show how you assess risk, document decisions, organize evidence, and communicate recommendations clearly to leadership.

What Makes the Sprint and Studio Different?

You do more than watch lessons or memorize GRC terms. You work through a realistic company case and create documents similar to the work completed in GRC, risk, compliance, vendor risk, and audit roles.

Build work you can show

Finish with practical portfolio pieces, not only notes, videos, or another certificate.

Use a realistic company case

Complete your work in one business setting so the pieces feel connected and purposeful.

Apply ISO/IEC 27001 concepts

Use risk, control, evidence, policy, and reporting concepts in realistic assignments.

Explain the choices you made

Practice talking through what you created, why you made each decision, and what you would recommend.

Prepare to discuss your work

Use your portfolio pieces to strengthen your resume, LinkedIn profile, and interview answers.

Choose the support you need

Work independently or select an option that includes feedback, guidance, and accountability.

Aligned with ISO/IEC 27001

The program portfolio pieces and learning activities are aligned with practical concepts used within an ISO/IEC 27001 information security management system.

You will practice applying risk, control, evidence, policy, remediation, and reporting concepts through realistic portfolio assignments.

Information security riskRisk treatmentControl decisionsPolicies and proceduresAudit evidenceTesting and remediationLeadership reportingContinuous improvement

Learn from Dr. Rose Shumba

Dr. Rose Shumba brings more than 20 years of experience in cybersecurity education, workforce development, student mentoring, and academic program leadership.

She is a Professor and Chair of the Department of Computer Science at Bowie State University and previously served as a Cyber Science Professor at the United States Naval Academy.

She developed the GRC Portfolio Studio to help career changers and recent graduates build practical work they can explain with confidence.

Not Sure Whether GRC Is the Right Fit?

The free Cyber Role Finder helps you explore non-coding cybersecurity roles that may match your background, strengths, and interests.

Take the Free Cyber Role Finder

Frequently Asked Questions

Do I need previous GRC experience?

No. The programs are designed for beginners, career changers, and recent graduates.

Do I need coding experience?

No. The programs focus on risk, controls, compliance, documentation, evidence, and communication.

Do the $97 and $197 programs include a digital badge?

No. The GRC Portfolio Studio digital badge is available only through the complete $397 and $597 Studio programs after the required work is completed.

What is the difference between the $97 and $197 options?

The $97 Starter is completed independently. The $197 Sprint includes one structured feedback pass on your completed Risk Register.

What is the difference between the $397 and $597 options?

The $397 Studio is self-study. The $597 Guided Studio includes three live review sessions, structured feedback, accountability, support, and a final portfolio review.

Do I need to complete the Starter or Sprint first?

No. You can enroll directly in the complete Self-Study or Guided GRC Portfolio Studio. If you start with the Starter or Sprint, join the Studio within 14 days and your full payment is credited toward it.

Is this an ISO certification program?

No. The portfolio pieces are aligned with ISO/IEC 27001 concepts, but the program does not award an ISO or PECB certification.

Can I take an ISO Foundation examination separately?

Yes. Learners who want to strengthen their formal understanding may choose to take an ISO/IEC 27001 Foundation examination separately. Exam registration and certification fees are not included.

Choose Where You Want to Begin

Start with one practical GRC portfolio piece or build the complete ISO/IEC 27001-aligned portfolio.