This course and certification is designed for mid-career IT and business professionals who identify and manage risk through the development, implementation and maintenance of appropriate information systems (IS) controls. CRISC certification confirms an individual’s skills and knowledge
Modern businesses face a diverse collection of obstacles, potential dangers and risk exposure. ISACA’s Certified in Risk and Information Systems Control (CRISC®) certification indicates expertise in identifying and managing enterprise IT risk, and implementing and maintaining information systems controls.
This course and certification is designed for mid-career IT and business professionals who identify and manage risk through the development, implementation and maintenance of appropriate information systems (IS) controls.
CRISC certification confirms an individual’s skills and knowledge to secure the modern enterprise against escalating threats. The CRISC Exam Preparation course is an intensive, four-day review program to prepare individuals who are planning to sit for the Certified in Risk and Information Systems Control (CRISC) exam.
The course focuses on the key points covered in the CRISC Review Manual and includes class lectures, group discussions, exam practice and answer debriefs. The course is intended for individuals with familiarity with and experience in IT and enterprise risk management.
This course includes a digital courseware manual and access to the CRISC Questions, Answers and Explanations (QAE) database for 12 months.
What You’ll Learn
CRISC validates your experience in building a well-defined, agile risk-management program, based on best practices to identify, analyse, evaluate, assess, prioritise and respond to risks. This enhances benefits realisation and delivers optimal value to stakeholders
Who Is The Course For?
This course is designed for mid-career IT and business professionals, including:
Security Directors, Managers, and Consultants
Compliance/Risk/Privacy Directors and Managers
IT Audit Directors, Managers, and Consultants
Compliance/Risk/Control Staff
We can also deliver and customise this training course for larger groups – saving your organisation time, money and resources.
Course Subjects
Domain 1: Governance
A. Organisational Governance
Organisational Strategy, Goals, and Objectives
Organisational Structure, Roles, and Responsibilities
Organisational Culture
Policies and Standards
Business Processes
Organisational Assets
B. Risk Governance
Enterprise Risk Management and Risk Management Framework
Three Lines of Defence
Risk Profile
Risk Appetite and Risk Tolerance
Legal, Regulatory, and Contractual Requirements
Professional Ethics of Risk Management
Domain 2: IT Risk Assessment
A. IT Risk Identification
Risk Events (e.g., contributing conditions, loss result)
Threat Modelling and Threat Landscape
Vulnerability and Control Deficiency Analysis (e.g., root cause analysis)
Risk Scenario Development
B. IT Risk Analysis and Evaluation
Risk Assessment Concepts, Standards, and Frameworks
Risk Register
Risk Analysis Methodologies
Business Impact Analysis
Inherent and Residual Risk
Domain 3: Risk Response and Reporting
A. Risk Response
Risk Treatment / Risk Response Options
Risk and Control Ownership
Third-Party Risk Management
Issue, Finding, and Exception Management
Management of Emerging Risk
B. Control Design and Implementation
Control Types, Standards, and Frameworks
Control Design, Selection, and Analysis
Control Implementation
Control Testing and Effectiveness Evaluation
C. Risk Monitoring and Reporting
Risk Treatment Plans
Data Collection, Aggregation, Analysis, and Validation
Risk and Control Monitoring Techniques
Risk and Control Reporting Techniques (heatmap, scorecards, dashboards)
Key Performance Indicators
Key Risk Indicators (KRIs)
Key Control Indicators (KCIs)
Domain 4: Information Technology and Security
A. Information Technology Principles
Enterprise Architecture
IT Operations Management (e.g., change management, IT assets, problems, incidents)
Project Management
Disaster Recovery Management (DRM)
Data Lifecycle Management
System Development Life Cycle (SDLC)
Emerging Technologies
B. Information Security Principles
Information Security Concepts, Frameworks, and Standards
Information Security Awareness Training
Business Continuity Management
Data Privacy and Data Protection Principles
Secondary Classifications
Prerequisites
There are no prerequisites for taking this course or the CRISC Exam. However, in order to apply for CRISC certification, the candidate must meet the necessary experience requirements as determined by ISACA.
To obtain the CRISC Certification, a candidate must pass the CRISC Exam and have the relevant full-time work experience in the CRISC exam content outline: Three or more years of experience in IT risk management and IS control.
Lumify Group was previously known as DDLS Group. We help business and enterprise customers turn change into opportunity through instructor-led, vendor-certified, IT and process training.
Developed in partnership with the world’s leading tech vendors and delivered by industry-accredited experts, our courses are pragmatic, future-focused and real-world ready.
From cybersecurity to cloud computing, AI to agile, our award-winning trainers deliver cutting-edge content to over 20,000 students online, in classrooms and in workplaces, every year.
Learn From The Experts
Leaders in their respective fields and with an average student rating of 4.8/5, our industry-accredited trainers will inspire your team to learn, thrive and grow.
Train Your Way
From face-to-face sessions with our expert trainers to self-directed courses delivered entirely online, our training methods can be easily adapted to suit you and your team.
This course is the most comprehensive review of information security concepts and industry best practices, and focuses on the eight domains of the CISSP CBK® (Common Body of Knowledge) that are covered in the CISSP exam.
IEVISION’s Certified Information Systems Auditor (CISA) Boot Camp is specifically designed to provide CISA candidates with the effective skills necessary to develop, manage and supervise programs to defend against unauthorized admittance to information. In addition our boot camp is focused on pr...
Information System training course is an entry-level training course for IT specialists. This training course provides a detailed understanding of the system development modules and lifecycle to manage IT system development.
This training course will help candidates review and refresh their information security knowledge and help identify areas they need to study for the?CISSP exam (not included).
This 5-day CISSP Prep concentrated course provides information security professionals with a fully-immersed, minimum-distraction CISSP training and certification experience. The course covers the 8 domains of the CISSP Common Body of Knowledge as reorganised and updated in 2021.
© 2024 coursetakers.com All Rights Reserved. Terms and Conditions of use | Privacy Policy