Two flagship courses • One live GRC lab

Learn GRC by
doing the work.

Built for |

Start with IT GRC Practitioner. Move into Industry Specialized GRC Analyst. Guided missions. Live lab. Real artifacts you can walk through in interviews.

Start the practitioner path
See the course map
0
Flagship Courses
One core path and one specialization path
0
Frameworks
Mapped across the live lab
0
Industry Overlays
Inside Course 02 at launch
0
Weekly Drill
Fresh practice that keeps the membership alive
Live Platform Preview

Real operating surfaces.
Not slide decks.

Risk registers, control crosswalks, audit evidence, and AI commands—all inside one unified lab that follows you through both courses.

grcmadesimple.io/lab
WORKSPACE
Acme Corp GRC
QUICK STATS
Open Risks24
Controls156
Findings8

Risk Register

24 active risks across 6 categories

3
Critical
8
High
13
Medium
IDRiskSeverityL × ITrend
RSK-001Cloud misconfiguration exposureCritical4 × 5 = 20
RSK-002Third-party vendor data breachHigh3 × 4 = 12
RSK-003Privileged access abuseHigh3 × 4 = 12
RSK-004Encryption key management gapMedium2 × 3 = 6
RISK MATRIX
1
2
1
1
2
3
2
1
3
2
1
1
1
Platform Scale
3.6K
Active Users
Building in the live lab
122K
Events
Real actions this year
63K
Views
Across all content
8m 47s
Avg. Session
Focused learning time

Frameworks mapped across both courses

NIST 800-53ISO 27001SOC 2CSF 2.0PCI DSS 4.0HIPAAHITRUSTSOX ITGCFedRAMPCMMCGDPRCCPAIEC 62443NERC CIPISO 42001EU AI ActISO 27701CIS v8NIST 800-53ISO 27001SOC 2CSF 2.0PCI DSS 4.0HIPAAHITRUSTSOX ITGCFedRAMPCMMCGDPRCCPAIEC 62443NERC CIPISO 42001EU AI ActISO 27701CIS v8
How It Works

Three steps to real
operating proof.

Not theory dumps. Not checkbox courses. A system that builds judgment through deliberate practice inside a live lab.

01

Build the core first

Start with IT GRC Practitioner. Learn the language, make the first risk calls, map controls, review evidence, and explain posture clearly inside the lab.

Course 01 · 12–16 weeks
02

Carry it into industry pressure

Move into Course 02 when the core is solid. The method stays consistent while the sector pressure, frameworks, evidence, and stakeholders change.

Course 02 · 9 launch overlays
03

Keep your edge sharp

Stay subscribed for weekly drills, monthly cases, and recurring proof-building work so the platform keeps producing new judgment, not static completion stats.

Weekly + monthly recurring practice
Who This Is For

Three starting points.
One serious system.

The courses stay the same. What changes is where you start, how much proof you already have, and which pressure you need to train for next.

Career switcher or new learner

University student, recent graduate, or non-technical professional entering GRC for the first serious time

Risk languageControl basicsEvidence reviewFirst usable artifacts
Salary Range
$60K – $95K
Learning Path
Start with Course 01
Timeline
3–6 months
Outcome
First GRC role

GRC analyst or IT auditor

Early-career practitioner who needs stronger operating depth, sharper artifacts, and better interview signal

Crosswalk logicEvidence judgmentFindings flowLeadership updates
Salary Range
$80K – $120K
Learning Path
Finish Course 01, then add Course 02
Timeline
2–4 months
Outcome
Stronger analyst with real proof

Working specialist under pressure

Practitioner who needs sector depth in Healthcare, Financial Services, Privacy, AI, OT, or Government

Sector frameworksStakeholder defenseCapstone workPortfolio credibility
Salary Range
$120K – $200K+
Learning Path
Use Course 02 + recurring drills
Timeline
3–6 months
Outcome
Specialist or lead trajectory
Why This Is Different

Not a catalog.
A connected training system.

CapabilityTraditionalGRC Made Simple
Public structureDozens of disconnected topicsTwo flagship courses on one shared lab
Lesson flowLong theory then quizTheory, video, check, then guided mission
Practice surfaceTemplates and lecture slidesLive work across risk, controls, evidence, and reporting
SpecializationSeparate mini-coursesOne industry course with sector overlays
Proof of skillCompletion badgeProjects, capstones, and usable artifacts
RetentionStatic library after checkoutWeekly drills, monthly cases, and portfolio refreshes
Courses

Two flagship courses.
One connected lab.

Course 01 builds the operating core. Course 02 carries that method into regulated sectors where evidence and pressure change.

Industries

Course 02 overlays.
Shared method. Different pressure.

What Learners Say
"

This lab gave me the hands-on practice no certification course ever did. I went from theory to building actual risk registers in a week. It changed my career trajectory.

SK
Sarah K.
GRC Analyst → Senior Analyst

"I switched from IT operations to GRC. The guided missions and crosswalk engine were absolute game-changers. Landed a role within 3 months."

MT
Marcus T.
IT Ops → GRC Career Switch

"I've used every GRC training out there. Nothing comes close to actually doing the work in a live lab. The OT/ICS track is genuinely unique."

PR
Priya R.
Compliance Manager
Pricing

Start free.
Unlock when it clicks.

Starter

Enter through the practitioner starter arc before committing to the full platform.

$0forever
Practitioner starter arc
Core references and selected guided missions
One mini project
Meaningful feel for the live lab
MOST POPULAR

Pro

Unlock both courses, every project, every capstone, and ongoing lab practice.

$29/mo
Full IT GRC Practitioner access
Full Industry Specialized GRC Analyst access
All theory, video, knowledge check, and guided mission layers
Projects and capstones across both courses
Weekly drills, monthly cases, and recurring lab work
Lab-linked artifacts and exports

Team

Run the same paths with manager visibility and cohort-level oversight.

$29/user/mo
Everything in Pro
Team progress dashboards
Manager reviews
Shared pathways and private cohorts
Priority support
Internal enablement use cases

Enterprise

Private learning environments for large-scale GRC programmes.

Custom
Everything in Team
SSO / SAML
Custom frameworks
Private learning paths
Dedicated onboarding
White-label options
FAQ

Questions & Answers

Start with the operating core.
Grow into regulated industry depth.

One practitioner course, one specialization course, and a recurring lab layer that keeps giving new work. Start free.

Start free