CRISC
Certified in Risk and Information Systems Control

CRISC Course Introduction

This 3-days intensive course is designed for a professional preparing for the ISACA's CRISC exam to gain more confidence. This course will wrap-up only key concept and vital knowledge of each domain. It is recommended that attendee should have hands-on experiences or familiar with information systems risk and control job before attend this course. Valuable technique for the exam will be shared by the exam passer.

CRISC Course Objectives

• To prepare for the ISACA's CRISC examination
• To summarize vital knowledge based on the latest exam domain
• To learn some techniques from the experienced exam passer
  

Target Group

• IT Manager
• Business Analyst
• Chief Information Security Officer
• Information Security Officer
• Security Manager
• Security Consultant
• IT Auditor
  

Course Outline of CRISC

Day 1
    – Risk Capacity, Risk Appetite and Risk Tolerance
    – Risk Culture and Communication
    – Elements of Risk
    – Information Security Risk Concepts and Principles
    – The IT Risk Strategy of the Business
    – IT Concepts and Areas of Concern for the Risk Practitioner
    – Methods of Risk Identification
    – IT Risk Scenarios
    – Ownership and Accountability
    – The IT Risk Register
    – Risk Awareness

Day 2
    – Risk Assessment Techniques
    – Analyzing Risk Scenarios
    – Current State of Controls
    – Changes in the Risk Environment
    – Project and Program Management
    – Risk and Control Analysis
    – Risk Analysis Methodologies
    – Risk Ranking
    – Documenting Risk Assessments

Day 3
    – Aligning Risk Response With Business Objectives
    – Risk Response Options
    – Analysis Techniques
    – Vulnerabilities Associated With New Controls
    – Developing a Risk Action Plan
    – Business Process Review Tools and Techniques
    – Control Design and Implementation
    – Control Monitoring and Effectiveness
    – Types of Risk
    – Control Activities, Objectives, Practices and Metrics
    – Systems Control Design and Implementation
    – Impact of Emerging Technologies on Design and Implementation of Controls
    – Control Ownership
    – Risk Management Procedures and Documentation
    – Key Risk Indicators
    – Key Performance Indicators
    – Data Collection and Extraction Tools and Techniques
    – Monitoring Controls
    – Control Assessment Types
    – Results of Control Assessments
    – Changes to the IT Risk Profile