Course Overview

Welcome to the Governance, Risk, and Compliance (GRC) Analyst Master Class. This class assumes no prior background knowledge and is setup to give you a full scope understanding and the practical skills needed to be an effective GRC Analyst.

Cybersecurity workforce development is focused on red team and blue team skills, but GRC is terribly underserved for training.

This course fills that gap by offering practical application of risk, audit, policy development, and security awareness skills needed for modern GRC analysts.

New Content Added September 2024!
Login to the Academy to view the latest course updates, including:

  • A discussion of the new NIST CSF 2.0
  • Audit Interview Guide

GRC Analyst Master Class Course Objectives


In this course, we will cover:

  1. An IT primer. While you don’t need to have prior IT experience, you will need to know some fundamental IT concepts to properly apply the GRC skills you learn.

  2. GRC as an information security capability. If you are going to be a GRC analyst you need to understand how the role fits into the larger information security office and how it interfaces with the business.

  3. Compliance and Audit work. A great starting point for any GRC analyst, we begin with why compliance exists and why businesses need it. We then deliver on the audit work around compliance and share a practical audit lab.

  4. Practical Security Awareness. An often undervalued skill, you will learn how to make effective security awareness content that engages your end user community and reduces cyber risk. You will use a collection of tools to develop a security awareness briefing in a lab.

  5. Cybersecurity risk. This is the bread and butter function of a GRC analyst and we spare no expense and going deep on this topic. You will learn what risk is and how to calculate it. We will assess risk in a lab to show you how you too can properly understand any business’s cybersecurity risk.

  6. Instructional Governance work. Governance is critical to adoption and business buy-in. This section will teach you about policies, procedures, and standards. We cap it off by writing a policy from scratch in real time so you can too!

  7. Getting a GRC Analyst Job. What good are these skills if you can’t get paid to use them. This section breaks down all the aspects of how to go about getting a GRC Analyst job.


It’s important to note the lecture videos are a collection of produced “lecture” style vides, and livestream “in-the-moment” style videos. Each has its own strength, but all of them will deliver value and excellence in the ultimate goal of understanding and executing as a GRC Analyst!

Hacker stealing information from a businessman

Who Should Take the GRC Analyst Master Class?


This course aims to prepare students for a career as a governance, risk, and compliance analyst. Anyone involved in security, compliance, or risk management will find valuable insights in this course.

GRC Analyst Master Class Course Curriculum - 7 Hours

  0. Getting Started (0:09:31)
Available in days
days after you enroll
  1. A Cybersecurity Primer (0:54:09)
Available in days
days after you enroll
  2. Compliance and Audit Work (1:10:43)
Available in days
days after you enroll
  3. Security Awareness Work (0:34:23)
Available in days
days after you enroll
  4. Cybersecurity Risk Work (1:39:46)
Available in days
days after you enroll
  5. Information Security Governance Work (1:44:10)
Available in days
days after you enroll
  6. Getting a GRC Analyst Job (0:52:01)
Available in days
days after you enroll
  7. Course Conclusions (0:01:34)
Available in days
days after you enroll
all-access membership wolf logo

This course is included in our
All-Access Membership
starting at $29.99/month

Get full access to the Governance, Risk, and Compliance (GRC) Analyst Master Class and our full course catalog when you enroll in our All-Access Membership.

Dr. Gerald Auger

About the Instructor: Dr. Gerald Auger

Dr. Auger is a 17+ year cybersecurity professional, academic, and author. He has been the cybersecurity architect at MUSC, a multi-billion dollar academic medical center. He is currently a partner in a cybersecurity consulting firm, adjunct faculty at The Citadel Military College, and chief content creator of the successful YouTube channel SimplyCyber. Dr. Auger holds a PhD in cyber operations and two Masters in Computer Science and Information Assurance.


Follow Gerry on Social Media:

YouTube - https://youtube.com/GeraldAuger

Twitter - https://twitter.com/Gerald_Auger

LinkedIn - https://www.linkedin.com/in/geraldauger/

Website - https://simplycyber.io


Courses Included in the All-Access Membership

The Definitive GRC Analyst Master Class

Everything you need to know to dive into the cybersecurity GRC pool

Gerald Auger, PhD

Gerald Auger, PhD

Security Operations (SOC) 101

Learn the fundamentals required to become a SOC Analyst.

Andrew Prince

Andrew Prince

Practical Malware Analysis & Triage

Arm yourself with knowledge and bring the fight to the bad guys.

Matt Kiely

Matt Kiely

Practical Windows Forensics

Learn how to conduct a digital forensic investigation on a Windows system from start to finish

Markus Schober

Markus Schober

Detection Engineering for Beginners

Start thinking and working as a Detection Engineer.

Anthony Isherwood

Anthony Isherwood

Practical Ethical Hacking - The Complete Course

Learn how to hack like a pro. 20 hours of up-to-date practical hacking techniques with no filler.

Heath Adams

Heath Adams

Windows Privilege Escalation for Beginners

Learn how to escalate privileges on Windows machines with absolutely no filler.

Heath Adams

Heath Adams

Linux Privilege Escalation for Beginners

Learn how to escalate privileges on Linux machines with absolutely no filler.

Heath Adams

Heath Adams

Open-Source Intelligence (OSINT) Fundamentals

Learn the ins and outs of Open Source Intelligence and step up your investigative game.

Heath Adams

Heath Adams

External Pentest Playbook

Learn to conduct an external network penetration test from start to finish

Heath Adams

Heath Adams

Python 101 For Hackers

Learn Python with a focus on concepts and modules important for hacking

Riley Kidd

Riley Kidd

Python 201 For Hackers

Move beyond the basics and learn how to actively use Python as a Windows hacking tool

Riley Kidd

Riley Kidd

Linux 101

Everything you need to know to start using Linux

Brent Eskridge

Brent Eskridge

Mobile Application Penetration Testing

Learn Mobile Application Hacking for iOS and Android Devices

Aaron Wilson

Aaron Wilson

Programming 100: Fundamentals

Learn the building blocks of programming with Python.

Heath Adams

Heath Adams

Rust 101

Learn the foundational concepts of the Rust programming language.

Heath Adams

Heath Adams

Beginner's Guide to IoT and Hardware Hacking

Learn to perform security research and testing on IoT devices and hardware.

Andrew Bellini

Andrew Bellini

Practical Bug Bounty

A hands-on course to prepare you for your first Bug Bounty adventure.

Heath Adams

Heath Adams

Practical Web Hacking

Expand your knowledge and skills in web application hacking with this intermediate course.

Alex Olsen

Alex Olsen

Advanced Web Hacking

Advanced Web Hacking is designed to take your web penetration testing skills to the next level. This course dives deep into advanced topics, exploring edge-case vulnerabilities, sophisticated attacks, and complex scenarios faced in modern web applications. Each module will offer in-depth exploration through code review, debugging, and hands-on labs.

Alex Olsen

Alex Olsen

Practical API Hacking

A hands-on course for hacking APIs.

Alex Olsen

Alex Olsen

Programming with AI - Mini Course

Utilize Artificial Intelligence and Large Language Models to become a better programmer.

Heath Adams

Heath Adams

Practical Help Desk

Prepare for a career in IT or cybersecurity by learning everything you need to know to work the help desk.

Andrew Bellini

Andrew Bellini

Soft Skills for the Job Market

Equip yourself with essential soft skills, communication techniques, and job application strategies required to excel in today’s competitive job market.

Heath Adams

Heath Adams

Practical Phishing Campaigns

This immersive course delves into practical phishing tactics, equipping cybersecurity professionals with the knowledge to perform professional phishing engagements.

Aaron Wilson

Aaron Wilson

C# 101 for Hackers

Learn the fundamentals of C# and .NET to enhance your hacking skills.

Alex Tushinsky

Alex Tushinsky

Academy Live Workshops

Exclusive Workshops for Academy Students Go beyond the course materials with bi-monthly livestreamed workshops taught by your favorite Academy instructors. These interactive sessions will be hosted on the Academy platform and will not be available on our public social media channels. If you attend live, you can ask questions and hack alongside our instructors. Workshop recordings will also be available so you can go back later and hack at your own pace. Topics for the workshops will rotate, please check the curriculum below for the upcoming schedule.

Alex Olsen

Alex Olsen

Frequently Asked Questions


Can I get a refund if I'm unhappy with my purchase?

Yes. All courses come with a 24-hour money-back guarantee.


Will I receive a certificate of completion when I finish a course?

Yes. All courses come with a certificate of completion.


Do the courses count as Continuing Education Units (CEUs)?

Yes. Every certificate of completion comes with the total CEUs earned listed on the certificate.

What is the All-Access Pass?

As of July 1st, 2023 TCM Academy transitioned to a monthly subscription model, where you now receive full access to all of the courses on our platform for as long as your subscription remains active.

What if you already own courses on TCM Academy?

If you already own a course on our platform, you will continue to own that course forever. Previously owned courses will not be affected by this change.


I can see the course, but it won’t load or play. What should I do?

We use Cloudflare to protect our course platform and unfortunately, it does not play nice with VPNs. If you are experiencing issues, turn off your VPN and try again. If that does not solve the issue, please contact our support team at [email protected] and we will help you out.