CPD-certified training in GRC Essentials, ISAE 3402, SOC 2, ISO 27001, and ISAE 3000. Expert-led, online, and built for compliance officers, auditors, and governance professionals across the UK.
Empowered professionals in over 50 countries to lead in governance, risk, and compliance
8 Years of ExperienceJoin 1000s of professionals who rely on us to expand their GRC expertise, earn certifications, and accelerate their career growth
Empowered professionals in over 50 countries to lead in governance, risk, and compliance
Join 1000s of professionals who rely on us to expand their GRC expertise, earn certifications, and accelerate their career growth
GRC training is structured professional development in governance, risk management, and compliance frameworks. It equips professionals with the knowledge and skills to design governance structures, manage organisational risk, meet regulatory compliance obligations, and demonstrate GRC maturity through internationally recognised certifications such as ISAE 3402, SOC 2, and ISO 27001.
Effective governance, risk, and compliance management is no longer a back-office function. Regulators, customers, and investors now expect organisations to demonstrate measurable GRC maturity — and that starts with qualified professionals who understand the frameworks.
GRC training at GRC Index covers the full compliance lifecycle: from foundation-level GRC principles through to advanced practitioner programmes in ISAE 3402, SOC 2, ISO 27001, and ISAE 3000. All courses are CPD-certified and designed specifically for the UK and European regulatory environment, including DORA, NIS2, and GDPR obligations.
Whether you are a compliance officer building a governance framework from scratch, an internal auditor preparing for an ISAE 3402 engagement, or an IT security manager pursuing ISO 27001 certification — our courses give you the practical, standards-based knowledge to perform with confidence.
GRC Index offers five CPD-certified training programmes, each mapped to internationally recognised standards and to the five domains assessed in the GRC Index: Governance, Risk Management, Compliance, Resilience, and Data Security. Each programme is available online and can be taken individually or as a progression pathway.
Recommended Course
Why GRC Training Matters for This Role
GRC training through GRC Index is unique in one critical respect: our courses are developed and delivered in direct alignment with the GRC Index assessment framework — the same five-domain model that 400+ organisations use to benchmark their governance, risk, and compliance performance.
When a professional completes GRC Index training, they do not just earn a certificate. They gain the specific knowledge that translates directly into measurable improvements in their organisation's GRC Score across Governance, Risk Management, Compliance, Resilience, and Data Security.
Detail
GRC training is professional development in governance, risk management, and compliance frameworks. It equips professionals with skills to design governance structures, manage organisational risk, meet regulatory obligations, and pass internationally recognised certifications such as ISAE 3402, SOC 2, and ISO 27001. GRC training is CPD-certified and applicable across all regulated industries.
GRC Index offers five CPD-certified training programmes: GRC Essentials (foundation level), ISAE 3402 / SOC 1 Training, SOC 2 / ISAE 3000 Training, ISO 27001 Training, and GRC Governance & Risk Advanced. All courses are available online and are mapped to the five domains of the GRC Index assessment framework.
GRC training is suitable for compliance officers, risk managers, internal auditors, IT security professionals, CISOs, board members, finance professionals, and anyone responsible for governance, risk, or compliance functions in their organisation. It is particularly valuable for professionals in regulated industries including financial services, technology, healthcare, and professional services.
GRC training is the learning programme — it builds knowledge of governance, risk, and compliance frameworks and practices. GRC certification is a credential awarded upon completing the training and passing an assessment. At GRC Index, all courses are CPD-certified, meaning completion earns a recognised professional development certificate.
Yes. All GRC Index training courses are delivered online, making them accessible to professionals across the UK, Europe, and internationally. Courses are self-paced or instructor-led with scheduled cohorts. Online delivery allows professionals to complete GRC training around their work commitments.
ISAE 3402 training is specialist professional development in the ISAE 3402 international assurance standard (the equivalent of SOC 1 / SSAE 18 in the US). It covers service organisation controls, Type I and Type II reporting, control objectives, audit evidence, and readiness for ISAE 3402 assurance engagements. It is essential for service organisations and their auditors.
GRC Index training programmes are directly mapped to the five domains assessed in the GRC Index: Governance, Risk Management, Compliance, Resilience, and Data Security. Professionals who complete GRC training gain the knowledge to design and implement controls that directly improve their organisation's independently assessed GRC Score.
SOC 2 and ISAE 3000 serve the same assurance purpose but apply different standards. SOC 2 uses the AICPA Trust Services Criteria and is the US standard for service organisation data security. ISAE 3000 is the international standard published by the IAASB, used predominantly in Europe and internationally. ISAE 3000 is the international equivalent of SOC 2.
© 2025 GRC Index. All rights reserved.