› Certifications · compare
Compare certifications
Pick up to 3 certifications and compare them side-by-side on cost, exam format, recertification, salary signal, quality, and domain coverage.
ISC2 · professional
CGRC(ISC)2 Certified in Governance, Risk and Compliance
(ISC)2 Certified in Governance, Risk and Compliance
Official pageISACA · professional
CISACertified Information Systems Auditor
IS audit, governance, control testing, and assurance.
Official pageComparing
ISC2CGRC
ISACACISA
› Cost
Exam fee
CGRC$599
CISA$760
Exam fee
$599
$760
Annual maintenance fee
CGRC$125/yr
CISA$45/yr
Annual maintenance fee
$125/yr
$45/yr
3-year cost of ownership
CGRC$974
CISA$895
3-year cost of ownership
$974
$895
› Exam mechanics
Pass mark
CGRC700/1000 (scaled)
CISA450/800 (scaled)
Pass mark
700/1000 (scaled)
450/800 (scaled)
Retake policy
CGRC$599 fee · 30d wait · 4/yr cap
CISA$575 fee · 30d wait · 4/yr cap
Retake policy
$599 fee · 30d wait · 4/yr cap
$575 fee · 30d wait · 4/yr cap
Study time
CGRC60–120 hrs
CISA120–250 hrs
Study time
60–120 hrs
120–250 hrs
Validity
CGRC3 yrs
CISA3 yrs
Validity
3 yrs
3 yrs
CPE / yr
CGRC20 CPEs
CISA40 CPEs
CPE / yr
20 CPEs
40 CPEs
Delivery
CGRCtest center
CISAtest center
Delivery
test center
test center
› Salary signal (US base)
Range
CGRC$105K – $160K
CISA$100K – $150K
Range
$105K – $160K
$100K – $150K
Median
CGRC$130,000
CISA$122,000
Median
$130,000
$122,000
Premium %
CGRC—
CISA+9%
Premium %
—
+9%
Role context
CGRCFederal/regulated GRC analyst, US, 4-7 years.
CISAIT Auditor / SOX auditor / IS audit manager, US, 5+ years.
Role context
Federal/regulated GRC analyst, US, 4-7 years.
IT Auditor / SOX auditor / IS audit manager, US, 5+ years.
› Quality (4-axis rubric · 0–10)
Schema quality
CGRC7.5
CISA9.0
Schema quality
7.5
9.0
Practice evidence
CGRC1.5
CISA2.0
Practice evidence
1.5
2.0
Maintenance
CGRC7.0
CISA8.5
Maintenance
7.0
8.5
Market recognition
CGRC6.0
CISA9.0
Market recognition
6.0
9.0
Average
CGRC5.5
CISA7.1
Average
5.5
7.1
› Recognition & lifecycle
Recognition
CGRCGlobal
CISAGlobal · US · EU · UK · DACH
Recognition
Global
Global · US · EU · UK · DACH
ISO 17024 accredited
CGRC—
CISA✓
ISO 17024 accredited
—
✓
DoD 8140 baseline
CGRC—
CISA✓
DoD 8140 baseline
—
✓
Holders worldwide
CGRC—
CISA165,000
Holders worldwide
—
165,000
Current version
CGRC2024 CBK refresh (2024-04)
CISA2024 job-practice analysis (2024-06)
Current version
2024 CBK refresh (2024-04)
2024 job-practice analysis (2024-06)
› Domain coverage
A1Governance, Risk & Compliance
CGRC● core
CISA● core
A1Governance, Risk & Compliance
● core
● core
A12Data Security, Privacy & Protection
CGRC·
CISA○ touched
A12Data Security, Privacy & Protection
·
○ touched
A13Supply Chain Security
CGRC·
CISA○ touched
A13Supply Chain Security
·
○ touched
A18Security Leadership
CGRC·
CISA○ touched
A18Security Leadership
·
○ touched
Browse the full catalog or open any one of these on its detail page for full study materials, peer comparisons, and lifecycle notes.