This 3-day CRISC course is geared towards preparing students to pass the ISACA Certified in Risk and Information Systems Control examination. The course covers all four of the CRISC domains, and each section corresponds directly to the CRISC job practice. CRISC validates your experience in building a well-defined, agile risk-management program, based on best practices to identify, analyze, evaluate, assess, prioritize and respond to risks. This enhances benefits realization and delivers optimal value to stakeholders.

* Actual course outline may vary depending on offering center. Contact your sales representative for more information.

Learning Objectives

At course completion, students will understand the essential concepts in the 4 ISACA CRISC domains:

  • Governance
  • IT Risk Assessment
  • Risk Response and Reporting
  • Information Technology and Security

1. GOVERNANCE - A. ORGANIZATIONAL GOVERNANCE

  • Organizational Strategy, Goals, and Objectives
  • Organizational Structure, Roles, and Responsibilities
  • Organizational Culture
  • Policies and Standards
  • Business Processes
  • Organizational Assets

2. GOVERNANCE - B. RISK GOVERNANCE

  • Enterprise Risk Management and Risk Management Framework
  • Three Lines of Defense
  • Risk Profile
  • Risk Appetite and Risk Tolerance
  • Legal, Regulatory, and Contractual Requirements
  • Professional Ethics of Risk Management

3. IT RISK ASSESSMENT - A. IT RISK IDENTIFICATION

  • Risk Events (e.g., contributing conditions, loss result)
  • Threat Modelling and Threat Landscape
  • Vulnerability and Control Deficiency Analysis (e.g., root cause analysis)
  • Risk Scenario Development

4. IT RISK ASSESSMENT - B. IT RISK ANALYSIS AND EVALUATION

  • Risk Assessment Concepts, Standards, and Frameworks
  • Risk Register
  • Risk Analysis Methodologies
  • Business Impact Analysis
  • Inherent and Residual Risk

5. RISK RESPONSE AND REPORTING - A. RISK RESPONSE

  • Risk Treatment / Risk Response Options
  • Risk and Control Ownership
  • Third-Party Risk Management
  • Issue, Finding, and Exception Management
  • Management of Emerging Risk

6. RISK RESPONSE AND REPORTING - B. CONTROL DESIGN AND IMPLEMENTATION

  • Control Types, Standards, and Frameworks
  • Control Design, Selection, and Analysis
  • Control Implementation
  • Control Testing and Effectiveness Evaluation

7. RISK RESPONSE AND REPORTING - C. RISK MONITORING AND REPORTING

  • Risk Treatment Plans
  • Data Collection, Aggregation, Analysis, and Validation
  • Risk and Control Monitoring Techniques
  • Risk and Control Reporting Techniques (heatmap, scorecards, dashboards)
  • Key Performance Indicators
  • Key Risk Indicators (KRIs)
  • Key Control Indicators (KCIs)

8. INFORMATION TECHNOLOGY AND SECURITY - A. INFORMATION TECHNOLOGY PRINCIPLES

  • Enterprise Architecture
  • IT Operations Management (e.g., change management, IT assets, problems, incidents)
  • Project Management
  • Disaster Recovery Management (DRM)
  • Data Lifecycle Management
  • System Development Life Cycle (SDLC)
  • Emerging Technologies

9. INFORMATION TECHNOLOGY AND SECURITY - B. INFORMATION SECURITY PRINCIPLES

  • Information Security Concepts, Frameworks, and Standards
  • Information Security Awareness Training
  • Business Continuity Management
  • Data Privacy and Data Protection Principles


Audience

This course is ideal for:

  • Professionals preparing to become CRISC certified
  • Risk practitioners
  • Students or recent graduates

Language

English

Prerequisites

$2,245

Length: 3.0 days (24 hours)

Level:

Course Schedule:

  • Monday, Dec 18, 9:00 AM ET - 5:00 PM ET (Available)
  • Tuesday, Mar 05, 8:00 AM PT - 4:00 PM PT (Available)
  • Wednesday, Jun 05, 9:00 AM ET - 5:00 PM ET (Available)