911±¬ÁÏÍø

InfoSec GRC Analyst

Tackle the challenges of today's digital landscape head-on with the University of South Florida’s new Information Security Governance, Risk, and Compliance Analyst program (Infosec GRC Analyst), an online program designed to meet the critical shortage of cybersecurity professionals. This course is designed for individuals who are new to the field of Governance, Risk, and Compliance (GRC) and are seeking to transition into a cybersecurity or information security career.

It is ideal for professionals from non-technical backgrounds such as administration, finance, legal, healthcare, education, or project management who are interested in building a foundational understanding of how organizations manage risk, ensure compliance, and uphold cybersecurity governance. No prior experience in cybersecurity or IT is required.

The content is tailored to help learners connect their existing transferable skills with the key concepts, processes, and tools used in GRC roles. With expert instructors, a comprehensive curriculum, and flexible learning options, participants in this online training program will learn how to advise organizations on implementing security controls that can reduce cyber risks – and will earn a Credly digital badge to prove it.

---

CURRICULUM & COURSE DETAILS

Learn to navigate compliance challenges with the USF InfoSec GRC Analyst program. Start with information security fundamentals and progress to implementing and assessing organizations against industry standards. By the end of the program, participants will be able to advise organizations on ways to implement security controls that can reduce cyber risks.

Module 1 In this first step of your cybersecurity journey, you’ll learn what information security is, why it matters, and how it affects everyday life (at home, at work, and across industries).	Module 2 Introduces you to the essential technologies behind digital systems and explores the most common cyber threats that target them. By the end, you will be able to "talk the talk" and will understand how basic technology works and what makes systems vulnerable to attack.	Module 3 Offers a high-level introduction to the eight core cybersecurity domains and their role in protecting systems and data.
Module 4 This module builds your foundational knowledge of key security concepts, terms, and controls essential for a GRC role. You'll learn to identify threats, understand the CIA Triad, and classify security controls.	Module 5 Introduces the core principles of GRC, including key frameworks, policies, and risk management practices. Learners will explore roles, assessments, and assurance methods essential to effective information security and compliance.	Module 6 Introduces the NIST Cybersecurity Framework (CSF) and its five core functions (Identify, Protect, Detect, Respond, and Recover), which provide a strategic foundation for managing cybersecurity risks. Through real-world scenarios and structured methodologies, learners will gain practical skills in assessing threats, evaluating controls, and aligning risk management practices with NIST guidelines.
Module 7 Explores how to integrate emerging technologies into existing cyber risk frameworks, with a focus on developing an effective organizational profile that reflects the evolving digital ecosystem. Participants will learn how to apply Zero Trust principles, assess AI-related risks, and use the NIST CSF to build a resilient cybersecurity posture.	Module 8 Dives into information security assessments, remediation planning, and reporting, giving participants the skills needed to prepare an assessment.	Module 9 In the only required synchronous segment, the final module guides participants as they synthesize what they've learned by participating in an authentic audit scenario and producing a final report thus demonstrating their newly acquired skills.

---

FREQUENTLY ASKED QUESTIONS

How can I recommend one of my employees for this program?
Supervisor recommendations are not needed; simply refer employees to this page.

Do I have to meet any entry requirements in terms of educational background, certifications, or similar?
No specific industry certifications are not required nor is there a minimum degree requirement. Those with some technology experience, information systems, or information security work experience OR education are more likely to be successful in the program.

While the first few modules cover the basics of information security and the fundamentals needed for later lessons, participants should have basic knowledge of computer organization and architecture and mathematics before they begin the program.

Do I have to be a USF student or have a college degree to apply?
No, participants do not have to apply to be USF students, and they are not classified as degree-seeking students. This is a non-credit training program offered by USF Corporate Training and Professional Education.

Will there be homework or pre-reading?
Will I need to access or buy any textbooks? There are activities that learners will need to complete outside of the interactive modules. The final project will require participants to allocate time to complete. All course materials are digital, and access is included.

---

CONTENT/PROGRAM ELEMENTS

How do I access the modules?
Modules can be found in the Canvas learning management system. Participants should receive an invitation to open the course in Canvas. The page can be bookmarked in your browser for easy access.

How can I interact with instructors if the content is prerecorded?
Participants will receive instructor feedback on assignments as well as on the final project. Learners will be able to interact with instructors in real-time during scheduled office hours and via the Inbox in Canvas LMS.

Will there be quizzes or tests?
There will be knowledge checks at the end of modules - multiple attempts are allowed.

Is content captioned?
Yes, all videos will have captions, and we will provide transcripts.

---

COMPLETION AND CLAIMING THE BADGE

Will there be a final exam or a grade on the final project?
There is no final exam but participants must successfully complete the presentation and a course survey to earn the badge. This last module is the only synchronous segment and it guides participants as they synthesize what they've learned, complete an authentic audit exercise, and produce a report to demonstrate their newly acquired skills. Learners will prepare a report and present it to instructors, who will provide feedback and determine if the project passes. Details on the project and how to submit it are posted on Canvas LMS.

How will I know if I earned the badge?
Participants who earn the digital badge will receive an email inviting them to accept the credentials. A new login is required on the Credly site as it is separate from the Canvas learning management system. Credly requires a separate login.

• How do I claim my badge?
  • Participants who successfully complete the program will receive an email inviting them to accept their Credly credentials. The Credly site is separate from the Canvas learning management system and requires participants to create a separate login. Watch a how to
• When should I expect to receive it?
  • Invitations to accept the badge will be sent within 48 hours after participants submit a post-completion survey.
• How can my employer verify that I earned the certificate?
  • Once the digital badge is earned and claimed, employers will be able to click on the digital credential to verify the certification and view information on the topics and skills covered in the program.
• How do I put the badge on my social media accounts?
  • After claiming the badge and email, participants can display the badge on social media, electronic resumes or in email signatures.  for more information about managing the badge.
• My question is not listed here. Who should I reach out to for additional questions?
  • Email ce-inquiries@usf.edu to ask additional questions or reach a program advisor.