Certified in Risk and Information Systems Control (CRISC)
Course Duration: 4 days
Book online today, or if you need any assistance or help choosing the right course for you, please call our team on 08000 199337 and we will help point you in the right direction.
CRISC is the only certification that prepares and enables IT professionals for the unique challenges of IT and enterprise risk management and positions them to become strategic partners to the enterprise, helping enterprises accomplish business objectives by designing, implementing, monitoring, and maintaining risk-based, efficient and effective IS controls.
The CRISC Exam Preparation course is an intensive, three-day review program to prepare individuals who are planning to sit for the Certified in Risk and Information System Controls™ (CRISC) exam. The course focuses on the key points covered in the CRISC Review Manual 6th Edition and includes class lectures, group discussions, exam practice and answer debriefs. The course is intended for individuals with familiarity with and experience in IT and enterprise risk management.
Who is it for?
Individuals who are looking to build a greater understanding of the impact of IT risk and how it relates to their organization.
Attendees should meet the following prerequisites:
There are no prerequisites to take the CRISC exam; however, in order to apply for CRISC certification you must meet the necessary experience requirements as determined by ISACA.
The Exam
This course is recommended as preparation for the following exam:
ISACA CRISC Certification Exam
The CRISC exam measures your knowledge of the four domains (see ‘Content’ above). Here is the percentage of questions that will appear on the exam, from each domain:
Domain 1— Risk Identification (27%)
Domain 2— Risk Assessment (28%)
Domain 3— Risk Response and Mitigation (23%)
Domain 4— Risk and Control Monitoring and Reporting (22%)
Please Note: Three (3) or more years of cumulative work experience performing the tasks of a CRISC professional across at least two (2) CRISC domains, of which one must be in Domain 1 or 2, is required for certification. There are no substitutions or experience waivers.
The exam is not included in the cost of the course. You can purchase an exam voucher separately for use on a date and time of your own choosing.
Course Objectives
After completing the course, delegates should be able to:
Identify the IT risk management strategy in support of business objectives and alignment with the Enterprise Risk Management (ERM) strategy.
Analyze and evaluate IT risk to determine the likelihood and impact on business objectives to enable risk-based decision making.
Determine risk response options and evaluate their efficiency and effectiveness to manage risk in alignment with business objectives.
Continuously monitor and report on IT risk and controls to relevant stakeholders to ensure the continued efficiency and effectiveness of the IT risk management strategy and its alignment with business objectives.
Syllabus – Key points
General Exam Information
The Context of IT Risk Management
Domain 1—Risk Management
Collect and review environmental risk data
Identify potential vulnerabilities to people, processes and assets
Develop IT scenarios based on information and potential impact to the organization
Identify key stakeholders for risk scenarios
Establish risk register
Gain senior leadership and stakeholder approval of the risk plan
Collaborate to create a risk awareness program and conduct training
Domain 2—IT Risk Assessment
Analyse risk scenarios to determine likelihood and impact
Identify current state of risk controls and their effectiveness
Determine gaps between the current state of risk controls and the desired state
Ensure risk ownership is assigned at the appropriate level
Communicate risk assessment data to senior management and appropriate stakeholders
Update the risk register with risk assessment data
Domain 3—Risk Response and Mitigation
Align risk responses with business objectives
Consult with and assist risk owners with the development of risk action plans
Ensure risk mitigation controls are managed to acceptable levels
Ensure control ownership is appropriately assigned to establish accountability
Develop and document control procedures for effective control
Update the risk register
Validate that risk responses are executed according to risk action plans
Domain 4—Risk and Control Monitoring and Reporting
Risk and control monitoring and reporting
Define key risk indicators (KRIs) and identify key performance indicators (KPIs) to enable performance measurement
Determine the effectiveness of control assessments
Identify and report trends/changes to KRIs/KPIs that affect control performance or the risk profile
Practice Exam
A Pearson VUE exam voucher enables you to book and sit your exam at your local Pearson VUE testing centre at a time and date convenient to you. Pearson VUE centres are worldwide, and you will be able to choose the closest testing centre to you. You then go along to the test centre with your photo ID at the specified date and time and you will then take an electronic exam. Your exam voucher will have an expiration date and your exam must be sat before this date as these vouchers cannot be extended.