This 4-Day training prepares the professionals who want to pass the ISACA’s Certified in Risk and Information System Control CRISC® exam.
The program covers the four key areas covered in the exam: Governance, IT Risk Assessment, Risk Response and Reporting, Information Technology and Security
The program is aligned on the latest Edition (7th) of the CBK (Common Body of Knowledge) from the ISACA®
CRISC® certification is recognized around the world.
Master the risk management approach according to the CRISC®
Apply the best responses strategies to the risks weighing on the information system
Use best risk monitoring practices
Define information system controls
Use best practices to monitor and maintain these controls
-Candidates must apply for certification within 5 years of having passed the exam.
-A minimum of 3-year experience of cumulative work experience performing the tasks of a CRISC® professional across at least two of the four CRISC® domains is required for the certification. Of these two domains, one must be in either domain 1 or 2.
-Adhere to the ISACA® code of Professional Ethics
-Agree to comply with the CRISC® continuing education policy.
Job roles that can benefit from CRISC® training include, but are not limited to:
CISO
Information Security consultants
Governance Consultants
Cybersecurity Consultants
IT professionals
Risk professionals
Control professionals
Project managers
Business analysts
Compliance professionals
Auditors
CRISC® exam candidates and anyone keen to improve their knowledge in the field of risk management and IS control.
Participants who have completed an ISO 27005 or ISO 31000 course
People working with an ERM (Enterprise Risk Management) framework
There is no prerequisite to take the CRISC® exam; however, in order to apply for CRISC® certification you must meet the necessary experience requirements as determined by ISACA.
Participants should have a basic knowledge of the areas to be covered. The course consists of intense preparation for the certification exam.
English is required for the exam.
Introduction
Chapter 1: Governance
-Organizational Strategy, Goals and Objectives
-Organization structure, Roles and Responsibilities
-Organizational Structure
-Policies and Standards
-Business Process Review
-Organization assets
-Enterprise Risk Management and Risk Management Frameworks
-Three Lines of Defence
-Risk Profile
-Risk Appetite, Tolerance and Capacity
-Legal, Regulatory and Contractual Requirements
-Exercises - MCQ in-between slides and at the end of the day
Chapter 2: IT Risk Assessment
-Risk Events
-Threat Modelling and Threat landscape
-Vulnerability and Control Deficiency Analysis
-Risk Scenario Development
-Risk Assessment Concepts, Standards and Frameworks
-Risk Register
-Risk Analysis Methodologies
-Business Impact Analysis
-Inherent, Residual and Current risk
-Exercises - MCQ in-between slides and at the end of the day
Chapter 3: Risk Response and Reporting
-Risk and Control Ownership
-Risk Treatment/Risk Response Options
-Third-party Risk Management
-Issues, Finding and Exception Management
-Management of Emerging risk
-Control Types, Standards and Frameworks
-Control Design, Selection and Analysis
-Control Implementation
-Control Testing and Effectiveness Evaluation
-Risk Treatment Plans
-Data Collection, Aggregation, Analysis and Validation
-Risk and Control Monitoring Techniques
-Risk and Control Reporting Techniques
-Key Performances Indicators
-Key Risk Indicators
-Key Control Indicators
-Exercises - MCQ in-between slides and at the end of the day
Chapter 4: Information Technology and Security
-Enterprise Architecture
-IT Operations Management
-Project Management
-Enterprise Resiliency
-Data Life Cycle Management
-System Development Life Cycle
-Emerging Trends in Technology
-Information Security Concepts, Frameworks and Standards
-Information Security Awareness Training
-Data Privacy and Principles of Data Protection
-Exercises - MCQ in-between slides and at the end of the day
Multiple Choice Questions (MCQ) like the exam and correction performed together
Discussion and exchanges, hints, and tips to pass the exam.
Blank Exam.
The exam consists of 150 MCQs that cover the CRISC® job practice domains.
Back Registration