Certified Risk and Information Systems Control (CRISC) Course Outline

Domain 1: Governance

Module 1: Organisational Governance

  • Organisational Strategy, Goals and Objectives
  • Organisational Structure, Roles and Responsibilities
  • Organisational Culture
  • Policies and Standards
  • Business Process Review
  • Organisational Assets

Module 2: Risk Governance

  • Enterprise Risk Management and Risk Management Frameworks
  • Three Lines of Defence
  • Risk Profile
  • Risk Appetite, Tolerance and Capacity
  • Legal, Regulatory and Contractual Requirements
  • Professional Ethics of Risk Management

Domain 2: IT Risk Assessment

Module 3: IT Risk Identification

  • Risk Events
  • Threat Modelling and Threat Landscape
  • Vulnerability and Control Deficiency Analysis
  • Risk Scenario Development

Module 4: IT Risk Analysis, Evaluation and Assessment

  • Risk Assessment Concepts, Standards and Frameworks
  • Risk Register
  • Risk Analysis Methodologies
  • Business Impact Analysis
  • Inherent, Residual and Current Risk

Domain 3: Risk Response and Reporting

Module 5: Risk Response

  • Risk and Control Ownership
  • Risk Treatment/Risk Response Options
  • Third Party Risk Management
  • Issue, Finding and Expectation Management
  • Management of Emerging Risk

Module 6: Control, Design and Implementation

  • Control Types, Standards and Frameworks
  • Control Design, Selection and Analysis
  • Control Implementation
  • Control Testing and Effectiveness Evaluation

Module 7: Risk Monitoring and Reporting

  • Risk Treatment Plans
  • Data Collection, Aggregation, Analysis and Validation
  • Risk and Control Monitoring Techniques
  • Key Performance Indicators
  • Key Risk Indicators
  • Key Control Indicators

Domain 4: Information Technology and Security

Module 8: Information Technology Principles

  • Enterprise Architecture
  • IT Operations Management
  • Project Management
  • Enterprise Resiliency
  • Data Life Cycle Management
  • System Development Life Cycle
  • Emerging Trends in Technology

Module 9: Information Security Principles

  • Information Security Concepts, Frameworks and Standards
  • Information Security Awareness Training
  • Data Privacy and Principles of Data Protection

Prerequisites

There are no formal prerequisites for attending this Certified in Risk and Information Systems Control (CRISC) training course.

Audience

This training course is ideal for anyone who wants to develop the knowledge and skills to successfully manage IT risk and information security controls within their organisation.

Certified Risk and Information Systems Control (CRISC) Course Overview

CRISC (Certified in Risk and Information Systems Control) is an enterprise risk management certification for IT professionals. It helps them to acquire the skills and knowledge for identifying and managing enterprise IT risk. CRISC focuses on the organisational framework for managing and mitigating risk across business processes and technology. This CRISC training course aims to provide delegates with valuable technical skills for success in the field of IT security. Pursuing this CRISC training will help individuals to develop and establish their IT security careers worldwide.

In this 3-day Certified in Risk and Information Systems Control (CRISC) training course, delegates will gain in-depth knowledge about the methods and processes associated with risk identification, risk analysis, responding to risk, and controlling risk. During this training, delegates will cover various concepts such as organisational governance, IT risk assessment, risk response, project management, enterprise resiliency, information technology and security, business impact analysis, etc. This certification is designed to help professionals refresh their previous knowledge and gain new skills. Our highly experienced Risk Management experts have tailored this CRISC training course specifically to meet the needs and demands of the IT industry.

Delegates will also cover various topics such as:

  • IT risk identification
  • Organisational assets
  • Risk governance
  • Enterprise architecture
  • Project management
  • Information security principles

At the end of this training, delegates will be able to identify and manage risks within an organisation successfully. They will also be able to apply information security concepts, frameworks and standards within an organisation efficiently. Holding the required expertise and knowledge of CRISC domains will help individuals to grow their careers as risk professionals and also provide value to their company.

Certified Risk and Information Systems Control (CRISC) Exam Information

This training course does not include the CRISC exam; this must be booked separately via ISACA. The exam tests delegates' knowledge of the four CRISC domains: Risk Identification, Risk Assessment, Risk Response and Mitigation, and Risk and Control Monitoring and Reporting. It is marked using a 200-800 point scale, with 450 being the passing mark. The Certified Risk and Information Systems Control examination is a CBT (Computer-Based Testing) exam, which has 3 testing windows per year. For more information, visit ISACA.

What’s Included in this CRISC Training Course?

This course will include:

  • The Knowledge Academy’s Certified in Risk and Information Systems Control (CRISC) Courseware
  • Experienced Instructor
  • Certificate of Completion
  • Refreshments

EU GDPR Practitioner Exam Information

The GDPR Practitioner exam assesses a candidate’s knowledge of compliance mechanisms, cloud and third-party processing, the stipulations of the GDPR, Data Protection Impact Assessments, security breaches, and the expectations of GDPR-mandated roles. The exam consists of:

  • Type: Multiple choice questions
  • Duration: 1 hour 30 minutes
  • Pass mark: 55%
  • Open Book: Yes