Crisc® Certified In Risk & Information Systems Control

Propel your career with ALC’s CRISC training course and build greater understanding of the impact of IT risk and how it relates to your organisation.

Certified in Risk and Information Systems Control or CRISC is now one of the most highly sought-after qualifications. It is the only certification that prepares and enables IT professionals for the unique challenges of IT and enterprise risk management, and positions them to become strategic partners to the enterprise.

The CRISC training course has been designed to comprehensively cover the full CRISC syllabus and to prepare you for a first-time pass in the CRISC exam.

Outcomes

For organisations, employing CRISC professionals brings great benefits such as:

• Build greater understanding about the impact of it risk and how it relates to the overall organisation;

• Assure development of more effective plans to mitigate risk; &

• Establish a common perspective and language about it risk that can set the standard for the enterprise

With a growing demand for professionals with risk and control skills, it is a great time to gain a globally recognised certification in this field. Becoming CRISC certified will:

• Demonstrate your knowledge and expertise in risk management.

• Increase your value within your organisation.

• Provide a gateway to more strategic level roles.

• Maintain your high level of professionalism through continuing professional education.

Who Should Attend

The CRISC certification is designed for:

• IT professionals

• Risk professionals

• Compliance professionals

• Project managers

• Control professionals

• Business analysts

Prerequisities

So as to obtain the ISACA CRISC Certification, the following requirements must be met:

• Pass the CRISC Exam (ALC’s Training course provides full preparation to successfully pass the exam)

• Have the relevant full-time work experience* in the CRISC Job Practice Areas

• Submit the CRISC Certification Application including Application Processing Fee

Contents

This course provides intensive revision across all 4 CRISC job practice domains.

Domain 1 — Governance

• Key Risk Concepts

• Organisational Strategy, Goals and Objectives

• Organisational Structure, Roles and Responsibilities

• Organisational Culture and Assets

• Policies, Standards and Business Process Review

• Risk Governance Overview

• Enterprise Risk Management, Risk Management Frameworks and Three Lines of Defense

• Risk Profile, Risk Appetite and Risk Tolerance

• Professional Ethics, Laws, Regulations and Contracts

Domain 2 – IT Risk Assessment

• Risk Events

• Threat Modelling and Threat Landscape

• Vulnerability and Control Deficiency Analysis

• Risk Scenario Development

• Risk Assessment Concepts, Standards and Frameworks

• Risk Register

• Risk Analysis Methodologies

• Business Impact Analysis

• Inherent, Residual and Current Risk

Domain 3 – Risk Response and Reporting

• Risk and Control Ownership

• Risk Treatment/Risk Response Options

• Managing Risk from Processes, Third Parties and Emergent Sources

• Control Types, Standards and Frameworks

• Control Design, Selection and Analysis

• Control Implementation, Testing and Effectiveness Evaluation

• Risk Treatment Plans

• Data Collection, Aggregation, Analysis and Validation

• Risk and Control Monitoring and Reporting Techniques

• Metrics

Domain 4 – Information Technology and Security

• Enterprise Architecture

• IT Operations Management

• Project Management

• Enterprise Resiliency

• Data Life Cycle Management

• System Development Life Cycle

• Emerging Technologies