Sigmatak Academy

Cyber GRC training built by practitioners, not theorists.

Practical governance, risk and compliance training from 20+ years of real enterprise programmes — not recycled slideware. Try Module 1 of the Cyber GRC Masterclass for £15 — all 20 modules available by end of September 2026.

20+
Years enterprise GRC
CPD
Certified curriculum
1:1
Practitioner-led, not outsourced
Courses

Start with what's live.

The Academy is growing one course at a time — each one built and taught the same way Sigmatak runs client engagements.

Module 1 out now · £15

Cyber GRC Masterclass

A 20-module programme — all modules available by end of September 2026. Try Module 1 for £15 and lock in 50% off every remaining module or the full course.

View course →
Coming soon

Information Security Awareness

A seat-based ISO 27001:2022-aligned awareness course for staff across the business.

🔒 In production
Coming soon

AI Governance Essentials

Practical AI risk and governance for leaders deploying AI systems responsibly.

🔒 In production
Coming soon

ISO 27001 Lead Implementer Prep

Exam-focused preparation for ISO 27001:2022 lead implementer certification.

🔒 In production
Featured Course · Module 1 Out Now

Cyber GRC Masterclass

A practitioner-led, 20-module programme — build and run a governance, risk and compliance function from the ground up. Module 1 is live now; all 20 modules available by end of September 2026.

CPD Certified ISO 27001:2022 aligned CISM-aligned content Built around a case study

Who it's for

  • GRC, risk and compliance professionals building or formalising a programme
  • IT and security managers who've inherited GRC responsibility without formal training
  • Consultants who want a structured, defensible methodology to bring to clients
  • Anyone preparing for ISO 27001, CISM, or a first GRC leadership role

Module 1 — GRC Foundations

  1. The CIA Triad & why GRC is one discipline
    Confidentiality, integrity and availability as the foundation everything else builds on.
  2. The risk chain & three lines of defence
    How threats become business impact, and who's accountable at each stage.
  3. Framework crosswalk
    ISO 27001, NIST CSF 2.0, CIS Controls v8 and COBIT 2019 mapped against five control domains.
  4. Applied to a running case study
    Worked through Clearview Software Ltd, a SaaS company pursuing ISO 27001 certification and SOC 2 Type II attestation.

~90 minutes (25 min video · 10 min quiz · 55 min assignment). Includes a 40-control GRC Maturity Scorecard workbook and a CEO Briefing Note template you can use immediately.

All 20 modules release by end of September 2026 at £30 each. Register before 30 September 2026 and receive a permanent 50% discount code — use it on any remaining module (£15 each) or the full 20-module course (£249.50 instead of £499), for as long as you need it.

Clearview Software Ltd is a fictional composite organisation created for teaching purposes. It does not represent any real Sigmatak client or engagement.

What you get with Module 1

20-slide video lesson + quiz
GRC Maturity Scorecard (40 controls)
CEO Briefing Note template
CPD certificate on completion
Lifetime access to updates
50% off remaining modules or full course
TA
Tahir Alvi
CISSP · CISM · ISO 27001 Lead Auditor · MSc Information Security (Royal Holloway)

Course built by Tahir Alvi, Founder of Sigmatak, with 20+ years of enterprise GRC experience across energy, finance and government — including major engagements at Shell, Chevron and Basrah Gas Company. Delivered via an AI avatar.

Start with Module 1

Try the foundations before you commit to the full programme.
FULL COURSE · 20 MODULES
£499 all modules by Sep 2026
Get Module 1 — £15 Request a team quote
Secure checkout · CPD certificate included
Why Sigmatak Academy

Trained the way it's actually practised.

PRACTITIONER-LED

Built from real engagements

Every framework taught here has been run on real client programmes, not adapted from a textbook.

TEMPLATE-BACKED

Leave with working tools

Risk registers, gap assessments and policy starters you can use on day one, not just slides.

CASE-STUDY DRIVEN

One company, start to finish

A single running case study ties every module together, so you see how decisions compound.