CRISC Certified in Risk and Information Systems Control

4.6 out of 5 rating

Jump to dates

Duration

3 Days

18 CPD hours

This course is intended for

This course is ideal for
Professionals preparing to become CRISC certified.
Risk practitioners
Students or recent graduates

Overview

At course completions, students will understand the essential concepts in the 4 ISACA CRISC domains:
Governance
IT Risk Assessment
Risk Response and Reporting
Information Technology and Security

Description

This 3 Day CRISC course is geared towards preparing students to pass the ISACA Certified in Risk and Information Systems Control examination. The course covers all four of the CRISC domains, and each section corresponds directly to the CRISC job practice. CRISC validates your experience in building a well-defined, agile risk-management program, based on best practices to identify, analyze, evaluate, assess, prioritize and respond to risks. This enhances benefits realization and delivers optimal value to stakeholders.

GOVERNANCE - a. Organizational Governance
  • Organizational Strategy, Goals, and Objectives
  • Organizational Structure, Roles, and Responsibilities
  • Organizational Culture
  • Policies and Standards
  • Business Processes
  • Organizational Assets
GOVERNANCE - b. Risk Governance
  • Enterprise Risk Management and Risk Management Framework
  • Three Lines of Defense
  • Risk Profile
  • Risk Appetite and Risk Tolerance
  • Legal, Regulatory, and Contractual Requirements
  • Professional Ethics of Risk Management
IT RISK ASSESSMENT - a. IT Risk Identification
  • Risk Events (e.g., contributing conditions, loss result)
  • Threat Modelling and Threat Landscape
  • Vulnerability and Control Deficiency Analysis (e.g., root cause analysis)
  • Risk Scenario Development
IT RISK ASSESSMENT - b. IT Risk Analysis and Evaluation
  • Risk Assessment Concepts, Standards, and Frameworks
  • Risk Register
  • Risk Analysis Methodologies
  • Business Impact Analysis
  • Inherent and Residual Risk
RISK RESPONSE AND REPORTING - a. Risk Response
  • Risk Treatment / Risk Response Options
  • Risk and Control Ownership
  • Third-Party Risk Management
  • Issue, Finding, and Exception Management
  • Management of Emerging Risk
RISK RESPONSE AND REPORTING - b. Control Design and Implementation
  • Control Types, Standards, and Frameworks
  • Control Design, Selection, and Analysis
  • Control Implementation
  • Control Testing and Effectiveness Evaluation
RISK RESPONSE AND REPORTING - c. Risk Monitoring and Reporting
  • Risk Treatment Plans
  • Data Collection, Aggregation, Analysis, and Validation
  • Risk and Control Monitoring Techniques
  • Risk and Control Reporting Techniques (heatmap, scorecards, dashboards)
  • Key Performance Indicators
  • Key Risk Indicators (KRIs)
  • Key Control Indicators (KCIs)
INFORMATION TECHNOLOGY AND SECURITY - a. Information Technology Principles
  • Enterprise Architecture
  • IT Operations Management (e.g., change management, IT assets, problems, incidents)
  • Project Management
  • Disaster Recovery Management (DRM)
  • Data Lifecycle Management
  • System Development Life Cycle (SDLC)
  • Emerging Technologies
INFORMATION TECHNOLOGY AND SECURITY - b. Information Security Principles
  • Information Security Concepts, Frameworks, and Standards
  • Information Security Awareness Training
  • Business Continuity Management
  • Data Privacy and Data Protection Principles
Training Insurance Included!

When you organise training, we understand that there is a risk that some people may fall ill, become unavailable. To mitigate the risk we include training insurance for each delegate enrolled on our public schedule, they are welcome to sit on the same Public class within 6 months at no charge, if the case arises.

What people say about us


Global Schedule

GTR = Guarenteed to Run

05 Mar 24 Enquire Book
14:00 - 22:00Live Online GTR2,037
05 Jun 24 Enquire Book
14:00 - 22:00Live Online GTR2,037

Find out more about this course

Interested in alternative dates? Would like to book a private session of this course for your company? Or for any other queries please simply fill out the form below.