Certified in Risk and Information Systems Control (CRISC)

Introduction:

Looking to move up in risk management or earn one of the world’s top-paying IT certifications? The CRISC Certification Training course prepares you to take the CRISC exam and build practical expertise in risk and information systems control—essential skills for today’s digital enterprises.

Developed around the latest ISACA certification framework, this course equips you to assess IT and enterprise risk, develop effective risk response plans, and monitor control performance. You’ll gain the insight and preparation you need to pursue the CRISC certification exam, enhance your governance capabilities, and meet the challenges of modern compliance and risk management roles.

Objectives:

This training prepares you to:

Identify and assess IT and enterprise risk in support of strategic business goals
Recommend and implement appropriate information security and IS controls
Build risk response and mitigation plans aligned to business priorities
Establish governance processes for continuous monitoring and reporting
Prepare for the CRISC certification exam through real-world examples, CRISC exam prep, and sample CRISC questions

You’ll leave this course ready to pass the CRISC, meet ISACA’s professional standards, and contribute to your organization’s resilience and regulatory readiness.

Course Outline:

Domain 1: Governance

  • Risk Assessment Concepts, Standards and Frameworks
  • Organizational Strategy, Goals and Objectives
  • Organizational Structure, Roles and Responsibilities
  • Organizational Culture and Assets
  • Policies, Standards and Business Processes
  • Enterprise Risk Management, Risk Management Frameworks and Three Lines of Defense
  • Risk Profile, Risk Appetite and Risk Tolerance
  • Navigating Professional Ethics of Risk Management and Requirements in Laws, Regulations and Controls

Domain 2: IT Risk Assessment

  • Risk Events, Threat Modeling and Threat Landscape
  • Vulnerability and Control Deficiency Analysis
  • Risk Scenario Development
  • Risk Register
  • Risk Analysis Methodologies
  • Business Impact Analysis
  • Inherent, Residual and Current Risk

Domain 3: Risk Response and Reporting

  • Risk Treatment/Risk Response Options
  • Risk and Control Ownership
  • Managing Risk from Processes, Third Parties and Emerging Sources
  • Control Types, Standards and Frameworks
  • Control Design, Selection and Analysis
  • Control Implementation, Testing and Effectiveness
  • Risk Treatment Plans
  • Data Collection, Aggregation, Analysis and Validation
  • Risk and Control Monitoring and Reporting Techniques
  • Performance, Risk and Control Metrics

Domain 4: Information Technology and Security

  • Enterprise Architecture
  • IT Operations Management
  • Project Management
  • Disaster Recovery Management
  • Data Life Cycle Management
  • System Development Life Cycle
  • Emerging Technologies
  • Information Security Concepts, Frameworks, Standards and Awareness Training
  • Business Continuity Management
  • Data Privacy and Protection Principles

Enroll in this course

$2,037.00

Need Help Finding The Right Training Solution?

Our training advisors are here for you.