CRISC - IT Risk Management Certification - ISACA

CRISC is the only credential focused on enterprise IT risk management. The updated CRISC exam content outline is based on the latest work practices and knowledge to keep certification holders ahead of the game in tackling real-world threats in today’s business landscape.
CRISC validates your experience in building a well-defined, agile risk-management program, based on best practices to identify, analyze, evaluate, assess, prioritize and respond to risks. This enhances benefits realization and delivers optimal value to stakeholders.
The designation demonstrates to employers that the holder is able to identify, evaluate and manage information systems and technology risk, and help enterprises achieve their business objectives.
After qualifying this certification, a professional can be hired as a senior IT auditor, security engineer architect, IT security analyst, or information assurance program manager.
ISACA’s Certified in Risk and Information Systems Control (CRISC) certification is ideal for mid-career IT/IS audit, risk and security professionals.
Prove your skills and knowledge in using governance best practices and continuous risk monitoring and reporting.
Enhance business resilience and stakeholder value and gain increased credibility with peers, stakeholders and regulators.

Course Outline

Domain 1: IT risk Identification

Risk capacity, risk appetite, and risk tolerance
Risk culture and communication
Elements of risk
Information security risk concepts and principles
The IT risk strategy of the business
IT concepts and areas of concern for the risk practitioner
Methods of risk identification
IT risk scenarios
Ownership and accountability
The IT risk register
RISK awareness

Domain 2: IT Risk Assessment

Domain 3: Risk Response and Mitigation

Aligning risk response with business objectives
Risk response options
Analysis techniques
Vulnerabilities associated with new controls
Developing a risk action plan
Business process review tools and techniques
Control design and implementation
Control monitoring and effectiveness
Type of risk
Control activities, objectives, practices and metrics
Systems control design and implementation
Impact of emerging technologies on design and implementation of controls
Control ownership
Risk management procedures and documentation

Domain 4: Risk and Control Monitoring and Reporting

Key risk indicators
Key performance Indicators
Data collection and extraction tools and techniques
Monitoring controls
Control assessment types
Results of control assessment
Change to the IT risk profile

Exam Preparation

What you will learn

prepare for the Certified in Risk and Information Systems Control exam.
understanding enterprise risk.
plan, execute, scrutinize and retain information systems controls.
risk: identification, evaluation, assessment, response, and monitoring.
IS control design and execution.
IS control maintenance and monitoring.

Audience profile

The CRISC designation is designed for IT risk, control and compliance practitioners, business analysts, project managers and other respected professionals.
The highly respected certification demonstrates to employers that the holder is able to identify and evaluate IT risk, and help their enterprise accomplish its business objectives.

de9a8287-686d-4d58-a2af-4193889d9ad0

38a4583e-dd89-44d2-84ae-9a7fe7b8bd5d

312720082_3280059285539048_8270903667130837886_n

313022740_3281951502016493_4750500739980580487_n

313405364_3280059228872387_1068245193704371990_n

313425098_3281092408769069_2130340861422790640_n

315603412_3294460284098948_3004440886889166319_n

316421501_3301836073361369_489516891472576386_n

316684771_3300004163544560_588532633674131544_n

316687344_3300004113544565_5267992517243006123_n

WhatsApp Image 2022-12-07 at 3.22.02 PM

Previous

Next