Course Code: 5760

CRISC - Certified Risk Information Systems Control

Class Dates:
1/31/2022
11/29/2021
Length:
4 Days
Cost:
$2530.00
Class Time:
Technology:
Security
Delivery:
Instructor-Led Training, Virtual Instructor-Led Training

Overview

  • Course Overview
  • In this course, you’ll cover all four domains of the ISACA Certified in Risk and Information Systems Control (CRISC) exam and gain the knowledge and concepts required to obtain CRISC certification. Since its inception in 2010, the CRISC certification is designed for IT and business professionals who identify and manage risks through the development, implementation, and maintenance of appropriate information systems (IS) controls.

    The ISACA Certified in Risk and Information Systems Control (CRISC) exam verifies that the candidate possesses the fundamental knowledge and proven skills in the area of ISACA Risk and Information Systems Control.
  • Audience
  • IT professionals interested in earning Certified in Risk and Information Systems Controls (CRISC) certification. CEOs/CFOs, Chief Audit Executives, Audit Partners/Heads, CIOs/CISOs, Chief Compliance/Privacy/Risk Officers, Security Managers/Directors/Consultants, IT Directors/Managers/Consultants, Audit Directors/Managers/Consultant.

    What You'll Learn • Risk identification • IT risk assessment • Risk response • Risk control, monitoring, and reporting

Prerequisites

  • There is no prerequisite for the training and CRISC exam. However, to be CRISC certified, you must meet certain requirements.

Course Details

  • 1 – INTRODUCTION TO IT RISK MANAGEMENT
  • Governance and Risk management
  • The Context of IT Risk Management
  • Key Concepts of Risk
  • Risk in Relation to Other Business Functions
  • IT Risk Management Good Practices
  • 2 – IT RISK ASSESSMENT
  • Risk Capacity, Risk Appetite and Risk Tolerance
  • Risk Culture and Communication
  • Elements of Risk
  • Information Security Risk Concepts and Principles
  • The IT Risk Strategy of the Business
  • IT Concepts and Areas of Concern for the Risk Practitioner
  • Methods of Risk Identification
  • IT Risk Scenarios
  • Ownership and Accountability
  • The IT Risk Register
  • Risk Awareness
  • 3 – IT RISK ASSESSMENT
  • Risk Assessment Techniques
  • Analyzing Risk Scenarios
  • Current State of Controls
  • Changes in the Risk Environment
  • Project and Program Management
  • Risk and Control Analysis
  • Risk Analysis Methodologies
  • Risk Ranking
  • Documenting Risk Assessments
  • 4 – RISK RESPONSE AND MITIGATION
  • Aligning Risk Response with Business Objectives
  • Risk Response Options
  • Analysis Techniques
  • Vulnerabilities Associated with New Controls
  • Developing a Risk Action Plan
  • Business Process Review Tools and Techniques
  • Control Design and Implementation
  • Control Monitoring and Effectiveness
  • Types of Risk, Control Activities, Objectives, Practices and Metrics
  • Systems Control Design and Implementation
  • Impact of Emerging Technologies on Design and Implementation of Controls
  • Control Ownership, Risk management Procedures and Documentation
  • 5 – RISK AND CONTROL MONITORING AND REPORTING
  • Key Risk Indicators
  • Key Performance Indicators
  • Data Collection and Extraction Tools and Techniques
  • Monitoring Controls
  • Control Assessment Types
  • Results of Control Assessments
  • Changes to the IT Risk Profile