Choose your track and progress from beginner to advanced. Each journey contains modules, paths, scenarios, and case studies designed for that level.
Start with foundations, reinforce the basics, and build confidence through guided labs.
Module 01 — Start here
Learn what governance, risk, and compliance actually mean. Build your first risk register, understand controls, and explore how GRC frameworks fit together.
Module 02 — Practice makes confident
Short, hands-on labs that reinforce core GRC concepts — risk appetite, controls, vendor intake, and evidence basics — before you specialise.
Module 03 — Build practical habits
Work through entry-level workshops on GRC language, policy hierarchy, risk scoring, and distinguishing control objectives from activities.
Module 04 — Learn the major standards
Get beginner-friendly introductions to NIST CSF, ISO 27001, and SOC 2 so you can understand how core framework outcomes map to daily GRC work.
Module 05 — Build practical analyst habits
Practice day-to-day GRC execution through beginner modules on control testing, issue remediation, integrated assurance mapping, and risk appetite design.
Module 06 — Apply fundamentals in context
Round out your beginner journey with applied modules for third-party risk, cyber insurance readiness, crisis governance, whistleblower operations, and software supply-chain governance.
Develop analyst-level execution skills across risk operations, controls, and frameworks.
Pro members only
Upgrade to unlock the full intermediate learning journey with all modules, scenarios, and case studies.
Upgrade MembershipLead enterprise programmes, vendor risk, and audit readiness with executive-grade practices.
Pro members only
Upgrade to unlock the full advanced learning journey with all modules, scenarios, and case studies.
Upgrade Membership