AiVRIC Academy
AiVRIC Academy βeta

Master continuous security
governance & risk operations.

Hands-on courses built for security teams operating CloudSignals+RiskOps — covering cloud posture, GRC, information assurance, and AI-assisted risk intelligence. Earn practitioner badges and professional certifications.

13+
Expert courses
4
Certification paths
4
Cloud providers
80%
Pass threshold for certification
How the Academy is structured
Foundations
60–90 min

Short topic courses covering core concepts, platform orientation, and the why behind each module. No prerequisites required. Start here.

Practitioner
3–5 hours

Hands-on platform workflows with in-platform walkthroughs, interactive checklists, and knowledge checks per module. Builds toward certification.

Certification
90–120 min

40 knowledge questions + 5 scenario questions + 1 practical lab. Passing score: 80%. Downloadable certificate and LinkedIn-shareable badge issued on completion.

Learning paths
Governance Leader
Professional Certification
3 courses  ·  ~8.5 hours
Take Certification Exam
Security Operator
Professional Certification
3 courses  ·  ~7.5 hours
Take Certification Exam
GRC / Audit
Professional Certification
4 courses  ·  ~11 hours
Take Certification Exam
Engineer / Architect
Professional Certification
3 courses  ·  ~9 hours
Take Certification Exam
Foundational knowledge

Platform-agnostic deep-dives into the domains that underpin every practitioner course. Start here if you're building or refreshing your security fundamentals.

Foundation
Introduction to Information Security GRC
A comprehensive introduction to Governance, Risk, and Compliance. Covers ISO 27001, NIST CSF 2.0, ISO 31000, COBIT 2019, CIS Controls, risk treatment, program operations, and GRC automation.
~3 hours 6 modules Start
Foundation
Introduction to Data Security & Privacy
Covers the full data security and privacy domain: GDPR, CCPA/CPRA, HIPAA, ISO 27701, data classification, DLP, encryption, ROPA, DPIA, Privacy by Design, and data transfer mechanisms.
~3 hours 6 modules Start
Foundation
Introduction to Modern Cybersecurity Operations
Covers SOC models, SIEM/SOAR/EDR/XDR, MITRE ATT&CK, threat intelligence, vulnerability management with CVSS+EPSS+KEV, incident response (NIST 800-61), cloud security operations, and SecOps metrics.
~3 hours 6 modules Start
Foundation
Introduction to DevSecOps
Shift-left security in the software development lifecycle: STRIDE threat modeling, SAST/DAST/SCA, CI/CD pipeline hardening, SBOM and supply chain security, container and Kubernetes security, and OWASP SAMM maturity.
~3 hours 6 modules Start
Certification tracks
Practitioner
Security & Privacy Governance
Build a governance operating model using UCB, privacy readiness, evidence lineage, and RiskOps execution. Covers ISO 27701, GDPR, CCPA/CPRA, HIPAA, and AI-assisted governance.
~3 hours 6 modules Start
Practitioner
Information Assurance
Manage assurance as an evidence-backed, AO-level continuous process. Covers Assessment Objectives, Evidence Fabric, Assurance Calendar, exceptions, compensating controls, and audit packages.
~3 hours 6 modules Start
Practitioner
Cloud Security
Use CloudSignals for continuous multi-cloud posture management across AWS, Azure, GCP, and OCI. Covers CSPM, scan lifecycle, misconfigurations, compliance vs. UCB governance, and Vision-assisted investigation.
~2.5 hours 6 modules Start
Practitioner
Asset Governance
Turn asset inventory into business-context security governance. Covers ownership, criticality, crown jewels, Surface navigation, asset-to-finding-to-risk, and third-party exposure.
~2.5 hours 6 modules Start
Practitioner
Secure Engineering & Architecture
Embed security, privacy, and control requirements into design and delivery. Covers UCB-driven architecture, secure engineering workflow, architecture evidence, AI/agentic governance, and exception handling.
~3.5 hours 6 modules Start
Practitioner
Vulnerability Management
Operate vulnerability management as risk-based prioritization, treatment, and verification. Covers lifecycle, findings and risk signals, RiskOps treatments, POA&M workflows, and executive posture reporting.
~2.5 hours 6 modules Start
Practitioner
Web Security
Govern web-facing risk across exposure, application controls, cloud edges, and remediation workflows. Covers attack surface mapping, common web risks, web evidence, posture linkage, and executive communication.
~2.5 hours 6 modules Start
GRC / Audit
AST Assessor Procedures
SCF AST-01 asset governance assessor procedures for enterprise and startup environments. Covers ITAM, CMDB, endpoint, DNS, cloud, SaaS, GitHub, monitoring, lifecycle, and evidence compilation.
~90 min 5 modules Start

Every course that includes a quiz awards a verifiable practitioner badge. Complete all courses in a path to earn a full Professional Certification — with a downloadable PDF certificate, LinkedIn credential, and public verification link.

Course Practitioner Badge
Hexagonal SVG badge with your name, credential ID, and issue date. Downloadable and shareable.
Professional Path Certification
Printable A4 certificate + LinkedIn "Add Certification" link. Valid 2 years with public verification.
Public Credential Verification
Every credential has a unique ID employers can verify at academy.aivric.com/verify.
AiVRIC ACADEMY 🛡 PRACTITIONER Cloud Security AiVRIC ACADEMY PROFESSIONAL Governance Leader
Earn shareable badges and professional certifications as you complete courses and paths.
Verify a credential →
Foundation & provider resources
Free · Foundation
Getting Started with RiskOps
The end-to-end RiskOps flow: assets → findings → business processes → treatments → governance. Start here if you're new to CloudSignals.
~45 min 5 modules Start
Guide
CRPM Program Guide
Curriculum map, audience routing, delivery playbook, and success metrics for the CloudSignals CRPM training program.
Reference All roles View
Provider team
Provider Onboarding Foundations
Provider operating model, launch phases, client onboarding workflow, findings quality standards, and reporting cadence.
~45 min 6 modules Start
Provider Admin
Provider Admin & CRPM Operations
Provider Console, client lifecycle, branding, GRC administration, RiskOps entitlement control, AI configuration, and operating cadence.
~60 min 7 modules Start
Why AiVRIC Academy
Process-first curriculum

Every course teaches the why before the how. You leave with a mental model for continuous security operations, not just click-paths.

In-platform walkthroughs

Each module includes an "In the Platform" section with the exact navigation sequence to follow in your CloudSignals+RiskOps tenant — right now.

Sprint-ready checklists

Interactive checklists track your progress and double as a sprint-ready task list to carry back to your team after each module.

Verifiable credentials

Practitioner badges and path certifications are real, verifiable credentials — useful for training records, compliance evidence, and LinkedIn profiles.

AI-integrated content

Courses include Vision AI workflows: generating audit narratives, investigating risk signals, and validating AI outputs for governance use — not just theory.

Multi-framework coverage

Content maps to CIS, NIST CSF, ISO 27001/27701, SOC 2, GDPR, HIPAA, CCPA, PCI-DSS, and the UCB control ontology — across all courses.

Questions?
Email support@aivric.com or open a ticket via the platform.
Platform Guide
Full reference docs at aivric.com/AiVRIC-UserGuide
Live walkthrough
Book a guided setup session at calendly.com/aivric-sales
Verify a credential
Confirm any AiVRIC Academy credential at academy.aivric.com/verify