Booking options
£2,037 + VAT
Delivered Online
4 days
All levels
Duration
3 Days
18 CPD hours
This course is intended for
This course is ideal for
Professionals preparing to become CRISC certified.
Risk practitioners
Students or recent graduates
Overview
At course completion, students will understand the essential concepts in the 4 ISACA CRISC domains:
Governance
IT Risk Assessment
Risk Response and Reporting
Information Technology and Security
This 3-day CRISC course is geared towards preparing students to pass the ISACA Certified in Risk and Information Systems Control examination. The course covers all four of the CRISC domains, and each section corresponds directly to the CRISC job practice. CRISC validates your experience in building a well-defined, agile risk-management program, based on best practices to identify, analyze, evaluate, assess, prioritize and respond to risks. This enhances benefits realization and delivers optimal value to stakeholders.
GOVERNANCE - a. Organizational Governance
Organizational Strategy, Goals, and Objectives
Organizational Structure, Roles, and Responsibilities
Organizational Culture
Policies and Standards
Business Processes
Organizational Assets
GOVERNANCE - b. Risk Governance
Enterprise Risk Management and Risk Management Framework
Three Lines of Defense
Risk Profile
Risk Appetite and Risk Tolerance
Legal, Regulatory, and Contractual Requirements
Professional Ethics of Risk Management
IT RISK ASSESSMENT - a. IT Risk Identification
Risk Events (e.g., contributing conditions, loss result)
Threat Modelling and Threat Landscape
Vulnerability and Control Deficiency Analysis (e.g., root cause analysis)
Risk Scenario Development
IT RISK ASSESSMENT - b. IT Risk Analysis and Evaluation
Risk Assessment Concepts, Standards, and Frameworks
Risk Register
Risk Analysis Methodologies
Business Impact Analysis
Inherent and Residual Risk
RISK RESPONSE AND REPORTING - a. Risk Response
Risk Treatment / Risk Response Options
Risk and Control Ownership
Third-Party Risk Management
Issue, Finding, and Exception Management
Management of Emerging Risk
RISK RESPONSE AND REPORTING - b. Control Design and Implementation
Control Types, Standards, and Frameworks
Control Design, Selection, and Analysis
Control Implementation
Control Testing and Effectiveness Evaluation
RISK RESPONSE AND REPORTING - c. Risk Monitoring and Reporting
Risk Treatment Plans
Data Collection, Aggregation, Analysis, and Validation
Risk and Control Monitoring Techniques
Risk and Control Reporting Techniques (heatmap, scorecards, dashboards)
Key Performance Indicators
Key Risk Indicators (KRIs)
Key Control Indicators (KCIs)
INFORMATION TECHNOLOGY AND SECURITY - a. Information Technology Principles
Enterprise Architecture
IT Operations Management (e.g., change management, IT assets, problems, incidents)
Project Management
Disaster Recovery Management (DRM)
Data Lifecycle Management
System Development Life Cycle (SDLC)
Emerging Technologies
INFORMATION TECHNOLOGY AND SECURITY - b. Information Security Principles
Information Security Concepts, Frameworks, and Standards
Information Security Awareness Training
Business Continuity Management
Data Privacy and Data Protection Principles
Nexus Human, established over 20 years ago, stands as a pillar of excellence in the realm of IT and Business Skills Training and education in Ireland and the UK....