Certified Risk & Information Systems Control (CRISC) Certification and Training Course

About CRISC Certification

Certified Risk & Information Systems Control (CRISC) is a framework outlined for diminishing threats to overall business mechanics. It is a measure to supplement your abilities to plan and appliance in a real place of work with effective risk reduction apprehensions without any torment to innovations. With full-fledged training in CRISC, you will be acknowledged as a professional with the capabilities to comprehend and resolve organizational IT risk.

capabilities to comprehend and resolve organizational IT risk.

Accredited by :

Prerequisite

3 years of progressive experience in IT Risk management and IS control and across 2 of the 4 domains of CRISC, one in Domain 1 or 2 is a necessity.
Another CRISC certification from its successful accomplishment of the examination.
Adherence to the professional ethics of the CRISC certification code.
Adherence to ISACA continuing Professional Education (CPE) Policy.

CRISC Course Curriculum

CRISC (Certified in Risk and Information Systems Control) - 3 Days (24 Hours)

The CRISC course is designed for those who have experience with risk identification, assessment, and evaluation; risk response; risk monitoring; information systems control design and implementation; and information systems control monitoring and maintenance.

1 - INTRODUCTION TO IT RISK MANAGEMENT

Governance and Risk management
The Context of IT Risk Management
Key Concepts of Risk
Risk in Relation to Other Business Functions
IT Risk Management Good Practices

2 - IT RISK

Risk Capacity, Risk Appetite, and Risk Tolerance
Risk Culture and Communication
Elements of Risk
Information Security Risk Concepts and Principles
The IT Risk Strategy of the Business
IT Concepts and Areas of Concern for the Risk Practitioner
Methods of Risk Identification
IT Risk Scenarios
Ownership and Accountability
The IT Risk Register
Risk Awareness

3 - IT RISK ASSESSMENT

Risk Assessment Techniques
Analyzing Risk Scenarios
Current State of Controls
Changes in the Risk Environment
Project and Program Management
Risk and Control Analysis
Risk Analysis Methodologies
Risk Ranking
Documenting Risk Assessments

4 - RISK RESPONSE AND MITIGATION

Aligning Risk Response with Business Objectives
Risk Response Options
Analysis Techniques
Vulnerabilities Associated with New Controls
Developing a Risk Action Plan
Business Process Review Tools and Techniques
Control Design and Implementation
Control Monitoring and Effectiveness
Types of Risk
Control Activities, Objectives, Practices, and Metrics
Systems Control Design and Implementation
Impact of Emerging Technologies on Design and Implementation of Controls
Control Ownership
Risk management Procedures and Documentation

5 - RISK AND CONTROL MONITORING AND REPORTING

Key Risk Indicators
Key Performance Indicators
Data Collection and Extraction Tools and Techniques
Monitoring Controls
Control Assessment Types
Results of Control Assessments
Changes to the IT Risk Profile

Exam Info

Skills You Learn

Who can join CRISC course ?

CRISC Training FAQs

What does CISM (Certified Information Systems Manager) mean?

The exam has a full score of 800 marks and a minimum of 200 marks in which the passing score required is 450 marks. It is not a mathematically calculated mark or percentage but is a sliding scale.

What are the four domains of CRISC

The four domains that CRISC covers are:

Domain 1: IT risk identification (27%)
Domain 2: IT risk assessment (28%)
Domain 3: Risk Response and mitigation (23%)
Domain 4: Risk and control monitoring and reporting (22%)

When will the exam results get declared?

As soon as the exam is completed, the result is displayed and it is also mailed within 10 working days of completion of the exam.