RGA Domain
Compliance as a continuous state
Risk Governance and Assurance is the command tent. Strategic oversight, regulatory compliance, and organizational risk management. This domain covers frameworks, audits, board-level reporting, and the governance structures that align security with business objectives. RGA ensures that security decisions are informed by risk and accountable to stakeholders.
CDA Proprietary Methodology
Perpetual Compliance Assurance (PCA) treats compliance as a continuous state, not a periodic event. PCA automates evidence collection, monitors control effectiveness, and maintains audit readiness at all times.
Core subject areas covered in RGA courses across all certification levels.
NIST CSF, ISO 27001, COBIT, and CIS Controls. Framework selection and implementation.
SOC 2, HIPAA, PCI DSS, GDPR, and industry-specific compliance requirements.
Qualitative and quantitative methods, risk registers, heat maps, and treatment options.
Audit preparation, evidence management, finding remediation, and continuous readiness.
Risk metrics for executives, cyber risk quantification, and stakeholder communication.
Security policy frameworks, standards, procedures, and guideline development.
Six courses, one per certification level, taking you from foundations to command.
Roles that RGA certifications prepare you for, from entry level to executive.
Start with Risk Governance & Assurance Foundations (free), then advance through six certification levels to Commander.