Certified in Risk and Information Systems Control

CRISC Course Introduction

This 3-days intensive course is designed for a professional preparing for the ISACA's CRISC exam to gain more confidence. This course will wrap-up only key concept and vital knowledge of each domain. It is recommended that attendee should have hands-on experiences or familiar with information systems risk and control job before attend this course. Valuable technique for the exam will be shared by the exam passer.

CRISC Course Objectives

  • To prepare for the ISACA's CRISC examination
  • To summarize vital knowledge based on the latest exam domain
  • To learn some techniques from the experienced exam passer

Target Group

  • IT Manager
  • Business Analyst
  • Chief Information Security Officer
  • Information Security Officer
  • Security Manager
  • Security Consultant
  • IT Auditor

Course Outline of CRISC

Day 1
    – Risk Capacity, Risk Appetite and Risk Tolerance
    – Risk Culture and Communication
    – Elements of Risk
    – Information Security Risk Concepts and Principles
    – The IT Risk Strategy of the Business
    – IT Concepts and Areas of Concern for the Risk Practitioner
    – Methods of Risk Identification
    – IT Risk Scenarios
    – Ownership and Accountability
    – The IT Risk Register
    – Risk Awareness

Day 2
    – Risk Assessment Techniques
    – Analyzing Risk Scenarios
    – Current State of Controls
    – Changes in the Risk Environment
    – Project and Program Management
    – Risk and Control Analysis
    – Risk Analysis Methodologies
    – Risk Ranking
    – Documenting Risk Assessments

Day 3
    – Aligning Risk Response With Business Objectives
    – Risk Response Options
    – Analysis Techniques
    – Vulnerabilities Associated With New Controls
    – Developing a Risk Action Plan
    – Business Process Review Tools and Techniques
    – Control Design and Implementation
    – Control Monitoring and Effectiveness
    – Types of Risk
    – Control Activities, Objectives, Practices and Metrics
    – Systems Control Design and Implementation
    – Impact of Emerging Technologies on Design and Implementation of Controls
    – Control Ownership
    – Risk Management Procedures and Documentation
    – Key Risk Indicators
    – Key Performance Indicators
    – Data Collection and Extraction Tools and Techniques
    – Monitoring Controls
    – Control Assessment Types
    – Results of Control Assessments
    – Changes to the IT Risk Profile

28-30 September 2022

Course Level



3 Days

Tuition Fee

23,500.00 THB


ACIS Certified Professional Instructor

Our website uses both essential and non-essential cookies to analyze use of our products and services. This agreement applies to non-essential cookies only. By accepting, you are agreeing to third parties receiving information about your usage and activities. If you choose to decline this agreement, we will continue to use essential cookies for the operation of the website. View Policy