The top 5 GRC certifications for the quality professional


Of course good governance, risk and compliance isn't just about getting certificates on the wall. But they don't hurt either!

GRC certifications showcase commitment to quality, demonstrate professional expertise and work wonders for the paycheck - the 2017 Global Knowledge Salary Report identifies governance as the most lucrative professional certification, bringing an average global salary of $92,766 (£66,911) for accredited individuals.

We've identified the top 5 GRC certifications that the modern quality professional should aim for. 

1. GRCP (Governance, Risk and Compliance Professional) 

Offered by non-profit think tank OCEG, the GRCP certification acts as a baseline for other GRC qualifications with its broad focus. It demonstrates:

  • Knowledge of the operation of the core GRC disciplines, from auditing to risk 
  • Understanding of the GRC capability model and its four elements: learning, alignment, performance and review
  • Competence in advising on key GRC controls and functions, and integrating GRC processes into a holistic strategy

Image result for grc certification


Participants prepare for the exam with OCEG's 'GRC Fundamentals' video course or a two-day training program. Best of all, the exam's free for OCEG All Access Pass members.


2. CGEIT (Certified in the Governance of Enterprise IT)

With its tighter focus, CGEIT is designed for professionals specifically managing IT governance for their business. A CGEIT certification demonstrates:

  • The necessary expertise to manage and advance an enterprise's IT governance 
  • Understanding of how to optimise enterprise IT system frameworks to boost efficiency and effectiveness
  • Competence in IT risk management to support information security processes

Image result for cgeit

The CGEIT certification is provided by global information systems association ISACA.


3. PMI-RMP (Project Management Institute - Risk Management Professional)

The Project Management Institute offers a risk management accreditation to IT professionals, which builds on the risk-centric elements of CGEIT with a project-based focus. PMI-RMP certification requires:

  • Confident knowledge in risk strategy, planning and processes
  • Competence in monitoring and reporting IT risk and engaging stakeholders
  • Understanding of IT risk analysis for projects and how to build effective mitigation plans


Fot more information please visit Qualsys - Governance, Risk, and Compliance Blog at