All courses
Resource hub
Featured resource
Tech Upskilling Playbook 2025
Tech Upskilling Playbook

Build future-ready tech teams and hit key business milestones with seven proven plays from industry leaders.

Learn more
Hamburger Icon
  • Path icon Learning Path
    • Libraries: This path is only available in the libraries listed. To access this path, purchase a license for the corresponding library.
  • Security
    •

Governance, Risk and Compliance (GRC)

17 Courses
19 Hours
Skill IQ

In this path, you will find important laws, compliance standards and security frameworks that are imperative to multiple roles within information security. Each course will describe what the purpose that the compliance standard, framework or law aims to achieve, what organizations should be compliant, and what reasons, requirements or advantages there are for your organization to adopt and integrate.

Get started

Content in this path

Governance, Risk and Compliance (GRC)

In this path, you will find important laws, compliance standards and security frameworks that are imperative to multiple roles within information security. Each course will describe what the purpose that the compliance standard, framework or law aims to achieve, what organizations should be compliant, and what reasons, requirements or advantages there are for your organization to adopt and integrate.

Course

Security Compliance, Governance, and Frameworks

  • by Richard Harpur
  • 1h 41m
  • Nov 12, 2021
Course

Security Compliance: ISO 27001

  • by Richard Harpur
  • 56m
  • Mar 01, 2023
Course

Security Compliance: SOC 2

  • by Richard Harpur
  • 1h 4m
  • Sep 23, 2022
Course

Security Compliance: ISO/IEC 27000 Series

  • by Richard Harpur
  • 1h 9m
  • Nov 15, 2022
Course

Security Compliance: CMMC

  • by Bobby Rogers
  • 1h 3m
  • Sep 26, 2023
Course

Information Governance: GDPR

  • by John Elliott
  • 1h 38m
  • Feb 24, 2022
Course

Information Governance: CCPA

  • by Dr Shaila Rana
  • 59m
  • Sep 30, 2021
Course

Information Governance: CDPA

  • by Mike Woolard
  • 41m
  • Oct 12, 2021
Course

Information Governance: COPPA

  • by Dr Shaila Rana
  • 33m
  • Sep 30, 2021
Course

Information Governance: GLBA

  • by Jo Harder
  • 49m
  • Sep 30, 2021
Course

Information Governance: HIPAA

  • by Bobby Rogers
  • 2h 1m
  • Sep 29, 2021
Course

Security Governance: FISMA

  • by Dr Shaila Rana
  • 31m
  • Oct 12, 2021
Course

Information Governance: SOX

  • by Dr Shaila Rana
  • 37m
  • Dec 10, 2021
Course

Compliance Framework: PCI DSS

  • by John Elliott
  • 1h 36m
  • Aug 09, 2022
Course

Security Framework: NIST RMF

  • by Bobby Rogers
  • 1h 8m
  • Jun 12, 2023
Course

Security Framework: NIST CSF

  • by Mike Woolard
  • 55m
  • May 14, 2024
Course

Security Controls: CIS Controls

  • by Bobby Rogers
  • 1h 32m
  • Dec 20, 2021
Try this learning path for free
Access this learning path and other top-rated tech content with a free trial.
Free individual trial Free team trial
Have questions? Get them answered now.
Start a live chat
What You'll Learn
  • You will learn some of the most important security compliance standards, frameworks and laws that an analyst within information security including:
  • PCI DSS
  • GDPR
  • ISO 27001
  • HIPAA
  • NIST CSF
  • NIST RMF
  • CIS Controls
  • SOX
Prerequisites
  • No prerequisites required
Related topics
  • Information Security
  • GRC
  • Information Governance
  • Risk Management
  • Compliance Assessment
  • Security Frameworks
  • Compliance Standards
Not sure where to start?
With over 500 assessments to choose from, you can see where your skills stand and receive adaptive learning recommendations to fill knowledge gaps in as little as 10 minutes.
Learn more

Learn with the best

Richard Harpur
Richard Harpur
Richard is a highly experienced technology leader with a remarkable career ranging from software development, project management through to C-level roles as CEO, CIO, and CISO. Richard is highly rated and ranked in Ireland's top 100 CIOs. As an author for Pluralsight - a leader in online training for technology professionals - Richard's courses are highly-rated in the Pluralsight library and focus on teaching critical skills in cybersecurity including ISO27001 and Ransomware. As a Certified Info...
Bobby Rogers
Bobby Rogers
Bobby E. Rogers is an information security engineer working as a contractor for Department of Defense agencies, helping to secure, certify, and accredit their information systems. His duties include information system security engineering, risk management, and certification and accreditation efforts. He retired after 21 years in the U.S. Air Force, serving as a network security engineer and instructor, and has secured networks all over the world. Bobby has a master’s degree in information assura...
John Elliott
John Elliott
John Elliott is a specialist in regulated security and data protection. His fascination is the way that people engage with security directives: whether that’s a company following external regulation, an information security team developing policies, an IT team following them, or a colleague who is just trying to do their job securely. John has led information security and data protection functions in aviation and financial services. He’s represented both Visa Europe and Mastercard on the PCI S...
Dr Shaila Rana
Dr Shaila Rana
Dr. Shaila Rana is the Founder of CyberSecure, the Co-Founder of ACT Research Institute, and serves as a Graduate Professor of Information Technology and Cybersecurity. Dr. Rana is the author of three books examining the intersection of AI and cybersecurity and emerging technologies. Currently, she serves as the Chair of an IEEE SA workgroup focusing on Zero Trust Cybersecurity for Health Technology, Tools, Services, and Devices and is an IEEE Senior Member. She holds a PhD specializing in Infor...
Mike Woolard
Mike Woolard
Mike is an information security manager who has worked in the IT and Information Security fields for 22+ years. A broad background from helpdesk to sysadmin, system engineer, networking, DB and development work. Most of Mike's work now centers around pentests and risk assessments, but an integral part will always be awareness training. An active member in various local security groups, Mike volunteers, speaks, or attends various information security cons.
Jo Harder
Jo Harder
Jo Harder is a self-professed nerd and has been involved with virtualization and secure remote access technologies for over 20 years. After holding several sales and marketing roles, she started her technical career at Citrix in 1999, where she became a Senior Architect. Her 11-year tenure included a combination of Citrix Consulting and Technical Readiness positions. Post Citrix, Jo has taken on roles focused on consulting services and hosting provider services, as well as technical marketing. S...

Join our learners and upskill
in leading technologies