CRISC – Certified in Risk and Information Systems Control

  • Implement information systems control like a pro
  • Be an enterprise-level expert
  • Stay updated with industry best practices
  • Learn from the best with our custom learning modules

Exam Details

  • Number of Questions: 150
  • Exam Duration: 240 Minutes
  • Exam Format: MCQs
  • Passing Marks: 450/800

    Description

    Globally accepted and developed by ISACA, CRISC is designed specifically for professionals seeking a new career opportunity or striving to grow further in their job roles in the field of Risk Management, helping them understand the impact of IT risk and how it relates to an enterprise. CRISC helps you gain knowledge to enhance business resilience, deliver stakeholder value and optimize risk management across the enterprise. CRISC (Certified in Risk and Information Systems Control) helps professionals understand business risks and implement appropriate information security controls to keep risks within an acceptable level to achieve business objectives.

    Course Objective

    • Collect and review existing information regarding the organization’s business and IT environments.
    • Identify potential or realized impacts of IT risk to the organization’s business objectives and operations.
    • Identify threats and vulnerabilities to the organization’s people, processes and technology.
    • Evaluate threats, vulnerabilities and risk to identify IT risk scenarios.
    • Establish accountability by assigning and validating appropriate levels of risk and control ownership.
    • Establish and maintain the IT risk register and incorporate it into the enterprise-wide risk profile.
    • Facilitate the identification of risk appetite and risk tolerance by key stakeholders.
    • Promote a risk-aware culture by contributing to the development and implementation of security awareness training.
    • Conduct a risk assessment by analyzing IT risk scenarios and determining their likelihood and impact.
    • Identify the current state of existing controls and evaluate their effectiveness for IT risk mitigation.
    • Review the results of risk analysis and control analysis to assess any gaps between the current and desired states of the IT risk environment.
    • Facilitate the selection of recommended risk responses by key stakeholders.
    • Collaborate with risk owners on the development of risk treatment plans.
    • Collaborate with control owners on the selection, design, implementation and maintenance of controls.
    • Validate that risk responses have been executed according to risk treatment plans.
    • Define, establish, monitor and analyze key risk indicators (KRIs).
    • Collaborate with control owners on the identification of key performance indicators (KPIs) and key control indicators (KCIs).
    • Monitor and analyze key performance indicators (KPIs) and key control indicators (KCIs).
    • Review the results of control assessments to determine the effectiveness and maturity of the control environment.
    • Report relevant risk and control information to applicable stakeholders to facilitate risk-based decision-making.
    • Evaluate the alignment of business practices with risk management and information security frameworks and standards.

    Prerequisite

    • At least three years of cumulative work experience as a CRISC professional in at least two of the four CRISC domains.
    • Any professional working or wanting to switch careers in the field of Information Security can pursue the exam; however, the certification can only be obtained if you meet the above requirements.

    Additional Information

    • ISACA Premium Training Partner
    • Learn at your own will with recorded sessions
    • Technical expertise to implement sturdy IS controls
    • Be proficient in risk management
    • Get visibility among industry professionals

    Ideal for professionals working as

    • Governance, Risk & Compliance (GRC) professionals
    • Information Security Professionals
    • IT Managers
    • IT Auditors
    • IT Security Managers
    • IT Risk Management Professionals
    • Anyone who wants to enhance their knowledge in the field of information security management frameworks
    • Certified credentials recognized by industries in all sectors and domains
    • Accelerate your role as a Risk Management Professional
    • Help build effective and efficient Information Security teams with improved technical expertise

    IT Governance

    1. Organizational Strategy, Goals and Objectives
    2. Enterprise Risk Management and Risk Management Framework

    IT Risk Assessment

    1. Threat Modelling and Landscape
    2. Risk Assessment Concepts, Standards and Frameworks
    3. Business Impact Analysis

    Risk Response and Reporting

    1. Risk Treatment and Response
    2. Control Design and Implementation
    3. Risk Monitoring and Reporting
    4. KPIs, KRIs and KCIs

    Information Technology and Security

    1. IT Operations Management
    2. System Development Lifecycle (SDLC)
    3. Information Security Concepts, Frameworks and Standards
