Course Overview

Welcome to the Governance, Risk, and Compliance (GRC) Analyst Master Class. This class assumes no prior background knowledge and is setup to give you a full scope understanding and the practical skills needed to be an effective GRC Analyst.

Cybersecurity workforce development is focused on red team and blue team skills, but GRC is terribly underserved for training.

This course fills that gap by offering practical application of risk, audit, policy development, and security awareness skills needed for modern GRC analysts.

New Content Added September 2024!
Login to the Academy to view the latest course updates, including:

  • A discussion of the new NIST CSF 2.0
  • Audit Interview Guide

GRC Analyst Master Class Course Objectives


In this course, we will cover:

  1. An IT primer. While you don’t need to have prior IT experience, you will need to know some fundamental IT concepts to properly apply the GRC skills you learn.

  2. GRC as an information security capability. If you are going to be a GRC analyst you need to understand how the role fits into the larger information security office and how it interfaces with the business.

  3. Compliance and Audit work. A great starting point for any GRC analyst, we begin with why compliance exists and why businesses need it. We then deliver on the audit work around compliance and share a practical audit lab.

  4. Practical Security Awareness. An often undervalued skill, you will learn how to make effective security awareness content that engages your end user community and reduces cyber risk. You will use a collection of tools to develop a security awareness briefing in a lab.

  5. Cybersecurity risk. This is the bread and butter function of a GRC analyst and we spare no expense and going deep on this topic. You will learn what risk is and how to calculate it. We will assess risk in a lab to show you how you too can properly understand any business’s cybersecurity risk.

  6. Instructional Governance work. Governance is critical to adoption and business buy-in. This section will teach you about policies, procedures, and standards. We cap it off by writing a policy from scratch in real time so you can too!

  7. Getting a GRC Analyst Job. What good are these skills if you can’t get paid to use them. This section breaks down all the aspects of how to go about getting a GRC Analyst job.


It’s important to note the lecture videos are a collection of produced “lecture” style vides, and livestream “in-the-moment” style videos. Each has its own strength, but all of them will deliver value and excellence in the ultimate goal of understanding and executing as a GRC Analyst!

Hacker stealing information from a businessman

Who Should Take the GRC Analyst Master Class?


This course aims to prepare students for a career as a governance, risk, and compliance analyst. Anyone involved in security, compliance, or risk management will find valuable insights in this course.

GRC Analyst Master Class Course Curriculum - 7 Hours

  0. Getting Started (0:09:31)
Available in days
days after you enroll
  1. A Cybersecurity Primer (0:54:09)
Available in days
days after you enroll
  2. Compliance and Audit Work (1:10:43)
Available in days
days after you enroll
  3. Security Awareness Work (0:34:23)
Available in days
days after you enroll
  4. Cybersecurity Risk Work (1:39:46)
Available in days
days after you enroll
  5. Information Security Governance Work (1:44:10)
Available in days
days after you enroll
  6. Getting a GRC Analyst Job (0:52:01)
Available in days
days after you enroll
  7. Course Conclusions (0:01:34)
Available in days
days after you enroll
all-access membership wolf logo

This course is included in our
All-Access Membership
starting at $29.99/month

Get full access to the Governance, Risk, and Compliance (GRC) Analyst Master Class and our full course catalog when you enroll in our All-Access Membership.

Dr. Gerald Auger

About the Instructor: Dr. Gerald Auger

Dr. Auger is a 17+ year cybersecurity professional, academic, and author. He has been the cybersecurity architect at MUSC, a multi-billion dollar academic medical center. He is currently a partner in a cybersecurity consulting firm, adjunct faculty at The Citadel Military College, and chief content creator of the successful YouTube channel SimplyCyber. Dr. Auger holds a PhD in cyber operations and two Masters in Computer Science and Information Assurance.


Follow Gerry on Social Media:

YouTube - https://youtube.com/GeraldAuger

Twitter - https://twitter.com/Gerald_Auger

LinkedIn - https://www.linkedin.com/in/geraldauger/

Website - https://simplycyber.io


Frequently Asked Questions


Can I get a refund if I'm unhappy with my purchase?

Yes. All courses come with a 24-hour money-back guarantee.


Will I receive a certificate of completion when I finish a course?

Yes. All courses come with a certificate of completion.


Do the courses count as Continuing Education Units (CEUs)?

Yes. Every certificate of completion comes with the total CEUs earned listed on the certificate.

What is the All-Access Pass?

As of July 1st, 2023 TCM Academy transitioned to a monthly subscription model, where you now receive full access to all of the courses on our platform for as long as your subscription remains active.

What if you already own courses on TCM Academy?

If you already own a course on our platform, you will continue to own that course forever. Previously owned courses will not be affected by this change.


I can see the course, but it won’t load or play. What should I do?

We use Cloudflare to protect our course platform and unfortunately, it does not play nice with VPNs. If you are experiencing issues, turn off your VPN and try again. If that does not solve the issue, please contact our support team at [email protected] and we will help you out.