That’s awesome! Best of luck with your CISSP, and it sounds like February will be another milestone to celebrate. 🙌

You're welcome! I'm glad you found it helpful. 🤗

Hi there! That's a great question! As we stated in the video, “most people will move into CISSP.” Everyone is different when it comes to experience and qualifications. The CISSP is the next logical step in your career progression from the Security+ if you want to succeed in GRC. You can take the CISSP exam with no experience and become an Associate of ISC2. www.isc2.org/Certifications/Associate Although this is a difficult path, it would greatly increase your hiring value. So that it another option for you. However, if you do not have experience in IT, do not go for the CISSP just yet. Focus on gaining IT and security knowledge and experience first, then pursue the CISSP. We highly suggest spending the time to educate yourself on various IT areas, such as computer operations, networking, cloud computing, etc. Look at certifications like the CompTIA Network+, CySA+, AWS Cloud Practitioner, or the AKYLADE CCRF if you want to focus more on GRC. We have training for all of these certifications on our website or on Udemy. Can you get a GRC job with the Sec+ and no experience? Yes, you can. There are entry-level opportunities out there, but you will need IT and Security experience to qualify for many of those opportunities. Find the jobs that interest you, review the qualifications, and educate yourself on those topics. That will help you tremendously! We hope this helps!

Glad you think so!

Transitioning into the GRC field from a paralegal background is a strategic move that can really leverage your existing legal and compliance knowledge, so this could be a great move for you. Here are a few simple tips to guide you through this possible transition: Learn the Basics: Check out online courses or certifications in GRC to get started. Make Connections: Use LinkedIn or join groups to meet people already working in GRC. Use Your Skills: Your experience as a paralegal has given you great skills for GRC, like understanding regulations and doing thorough research. Try It Out: Look for volunteer opportunities or internships to get some direct experience. Keep Up-to-Date: GRC changes a lot, especially with new laws, so keep learning about new trends. Remember, transitioning careers is a journey that requires patience and perseverance. Your unique background can bring a fresh perspective to the GRC field. Good luck!

Thank you so very much for your response, it's greatly appreciated and helpful! @@DionTraining

Hi! Feel free to check and join our Facebook page, where Dion Training and the members regularly share valuable insights and updates!

When transitioning to a GRC role, the path you take can definitely depend on any certifications you already hold. If you're starting with minimal certifications in the field, beginning with the Certified Information Systems Auditor (CISA) certification is a great choice. CISA is highly respected and focuses on essential skills such as auditing, controlling, and assessing an organization's IT and business systems, which are crucial for GRC roles. If you're new to the field and looking for a broader foundation, the CompTIA Security+ certification could be a good first step before diving into more specialized GRC certifications. This will provide you with a solid understanding of basic cybersecurity principles and practices, setting the groundwork for more advanced GRC-focused certifications.

Sharing your academic writings on LinkedIn is a fantastic idea to showcase your knowledge and enthusiasm for GRC. This not only highlights your expertise but also demonstrates your commitment to the field. Plus, engaging with comments on your posts can further establish your presence in the GRC community. It’s a proactive step towards building your professional network and enhancing your visibility in the field.

Don't let anyone discourage you if you feel ready to tackle these goals! They are not walking your walk. If you think you are ready for the CISSP, CISA, or CISM…I say go for it! You have nothing to lose and everything in your career to gain! With 4-6 years of experience, you're in a great position to pursue the CISSP. It’s not just for those in leadership. It’s a career booster and shows your commitment to the field. In fact, many professionals find that achieving the CISSP opens doors that will lead to leadership opportunities because it demonstrates both technical knowledge and a strong grasp of security management principles. Going forward, I recommend the CISSP first. Then the CISM next, followed by the CISA. Trust your judgment and career goals. If you’re ready and willing to put in the work, certifications like the CISSP can absolutely help open doors for you. Stay focused on your goals and timeline. If you’re ready, go for it. These certifications can be a powerful way to break through to the next level in your career. You’ve got this! 🚀

Before we answer your question let's get some context. 1. What is your primary interest? 2. What is more important to you, money or enjoying what you do?

@sincere531

@@DionTraining both to be honest, but if I had to choose money because I can adapt to liking a job. My whole career has been in healthcare/nursing.

I’m a DOD contractor and even the guys who do GRC don’t like it. They did it basically to get a pay increase.

​@@DionTraining For someone currently working in the property management/commercial real estate operations managing access control systems as administrator using Brivo Access systems, which area in GRC or cybersecurity in general will be good with my background. And what is the name of the GRC course on Udemy with Kip Boyle?

To register for a general GRC certification, choose from options like Certified GRC Professional (GRCP) by GRC Certify or Certified in Governance, Risk, and Compliance (CGRC) by (ISC)². Visit their official websites to review certification requirements, course details, and register for exams. Additionally, certifications like CRISC by ISACA or Certified Compliance and Ethics Professional (CCEP) by SCCE offer specialized GRC knowledge. You can also do certifications like CISSP, CISA, CASP+, and CAP, as they are valuable indicators of GRC expertise.

No we don't, but you can always keep an eye out on Udemy! We regularly have sales on our courses there.

Hello, how's it going? I'm currently looking to transition to GRC too from law

That’s the only body for those certifications 😅

@@michaeloridamisi1447 thank you, I thought so too. The certification is available by the Army, but they don’t list ISACA, which is why I ask and it doesn’t make sense so I will address it with them.

It sounds like you're in a fantastic position to transition into GRC with your background in law and Computer Engineering! Start by upskilling in GRC frameworks and consider getting certifications like CISA or CISSP. Use your existing network to connect with professionals in the tech field, and perhaps look for internship or part-time roles to get some hands-on experience. I personally know a couple of attorneys who now work in compliance and they are very satisfied with their decision to switch. The specific knowledge subjects that I would suggest that you familiarize yourself with are ISO 27001, NIST, and COSO. You may also want to learn about data privacy regulations like GDPR and CCPA. Best regards, Jamario

​@@DionTrainingI got Security+ with your course on the first go! Now, looking to continue studying in the new year to get into GRC! What do you recommend I do next, GRCP?

In your position, I'd strongly consider pursuing the reputable Security+ certification. Based on my experience, it's highly regarded, especially within governmental sectors, aligning well with your career aspirations. Additionally, the ISC2 CGRC is renowned for its industry recognition and could be a valuable asset. However, it's important to note that certifications often cater to specific corporate preferences. I recommend reviewing job postings on sites like LinkedIn or Indeed to identify the certifications most sought after by your target employers. This will definitely optimize your prospects. Good luck, and I'm confident in your success! Best regards, Jamario

@@DionTraining got it. Thanks!!

Yes, the CISA can be very helpful within the GRC framework. The CISA exam covers important topics including the auditing of governance, risk, and compliance. The CISA objectives contain a significant amount of overlap with the GRC framework.