Certified in Risk and Information Systems Control (CRISC®)
Course number: CGICRISC40
The CRISC course will cover all four domains of the ISACA Certified in Risk and Information Systems Control (CRISC) exam and will provide the knowledge and concepts required to obtain CRISC certification. Since its inception in 2010, the CRISC certification is designed for IT and business professionals who identify and manage risks through the development, implementation, and maintenance of appropriate information systems (IS) controls.
What are the course objectives?
The CRISC certification training is aligned to ISACA® and prepares you to pass the exam.
What skills will you learn?
By the end of this CRISC training, you will know:
• IT Risk Identification
• IT Risk Assessment
• Risk Response and Mitigation
• Risk Control, Monitoring, and Reporting
Prerequisites
- At least three years cumulative work experience performing tasks across at least three of the CRISC domains is recommended.
Certification
Certified in Risk and Information Systems Control (CRISC)
Exam
ISACA Certified in Risk and Information Systems Control
(CRISC) Exam
Accreditation
Post class completion, students can appear for the ISACA Certified in Risk and Information Systems Control (CRISC) exam.
Course Outline
- Class Overview
- CRISC Domains
- Test Registration
- Good Practices for Risk Management
- Components of Risk Management
- Methods for Risk Identification
- Risk Culture and Communication
- The Businesses IT Risk Structure
- Risk Principles and Concepts
- Vulnerabilities and Threats
- Assets
- Threats
- Vulnerabilities
- Vulnerability Assessment
- Pen Testing
- Probability/Likelihood
- IT Risk
- IT Risk Scenarios
- Ownership and
- Accountability
- Other Risk Concepts
- Risk Awareness
- Risk Assessment vs. Risk Identification
- Techniques for Risk Assessment
- Risk Scenarios
- Analyzing the Current State of Controls
- Risk and Control Analysis
- Risk Analysis Technique
- Incident Response
- Business Risk
- Risk Associated with Enterprise Architecture
- Management of Data
- Emerging Technologies and Threats
- Industry Trends
- Third Party Management
- Project and Program Management
- SDLC
- Recovery and Business Continuity
- Risk Assessment Reports
- Ownership of Risk and Accountability
- Communication of Report Results
- Risk Response and Business Objectives Alignment
- Response Options
- Techniques for Analysis
- New Controls and Related
- Vulnerabilities
- A Risk Action Plan
- Techniques for BPR
- Design and Implementation of Controls
- Control Monitoring
- Inherent and Residual Risk
- Control Objectives Practices and Metrics
- Cryptography as a Control
- Control Design and Implementation
- Emerging Technologies and Controls
- Ownership of Controls
- Management Procedures and Documentation
- Response and Action Plan
- Key Risk Indicators
- Risk Management Life Cycle
- Key Performance and Goal Indicators
- Data Collection and Extracting Techniques
- Changes in Risk Profile
- Monitoring Controls
- Control Assessment Types
- Control Assessment Results
- Risk Profile Changes
- Key Risk Indicators
- Test Review
- Test Registration
- Test Preparation
- Certification Maintenance