CRISC – Certified in Risk and Information Systems Control
-
COURSE DATES AND LOCATIONS
DATE
Duration
LOCATION
FEES
Book Now
-
INTRODUCTION
Certified in Risk and Information Systems Control (CRISC) certification is ideal for mid-career IT/IS audit, risk and security professionals. This course is to prove your skills and knowledge in using governance best practices and continuous risk monitoring and reporting. Enhance business resilience and stakeholder value and gain increased credibility with peers, stakeholders and regulators.
CRISC is the most updated and holistic test available for evaluating IT professionals and other industry and financial sector employees. The CRISC online course prepares IT professionals for the specific difficulties presented by information systems. CRISC (Certified in Risk and Information Systems Control) is an IT certification for enterprise risk management. The course helps them learn the skills and knowledge necessary to assess and manage enterprise IT risk, as well as build and maintain information systems controls.
-
COURSE OBJECTIVES
By the end of the course, you‘ll be able to:
- CRISC certification ensures you are recognized as a professional with the skills and experience to provide value and insight from an overall organizational perspective on both IT risk and control.
- One of the key CRISC domains focuses on the organizational framework for managing and mitigating risk across business processes and technology.
- CRISC holders are able to establish a common language to communicate within IT and to stakeholders throughout the enterprise about risk.
- With CRISC certification, your enterprise can rely on your input to make effective risk-based decisions and prioritize resources to areas that are most at risk.
- With the CRISC certification you will understand information systems control design and implementation and control monitoring and maintenance.
- CRISC certification affirms your ability to plan and implement appropriate control measures and frameworks that further mitigate enterprise risk without stifling innovation.
-
COURSE AUDIENCE
This course is made for :
- Chief Information Officers
- Risk Management Professionals
- Quality Assurance Professionals
- Compliance Professionals
- Business Analysts
- Information Security Specialists
- Project Managers
- Control Professionals
- Professionals who are looking to understand Information Control and Risk Management concepts in an organization
- Professionals who are looking to sit for ISACAs CRISC certification exam
- IT Professionals
- Aspiring Risk and Information Control Specialists
-
COURSE OUTLINE
Day One
Organisational Governance
- Organisational Strategy, Goals and Objectives
- Organisational Structure, Roles and Responsibilities
- Organisational Culture
- Policies and Standards
- Business Process Review
- Organisational Assets
Risk Governance
- Enterprise Risk Management and Risk Management Frameworks
- Three Lines of Defence
- Risk Profile
- Risk Appetite, Tolerance and Capacity
- Legal, Regulatory and Contractual Requirements
- Professional Ethics of Risk Management
Day Two
IT Risk Identification
- Risk Events
- Threat Modelling and Threat Landscape
- Vulnerability and Control Deficiency Analysis
- Risk Scenario Development
IT Risk Analysis, Evaluation and Assessment
- Risk Assessment Concepts, Standards and Frameworks
- Risk Register
- Risk Analysis Methodologies
- Business Impact Analysis
- Inherent, Residual and Current Risk
Day Three
Risk Response
- Risk and Control Ownership
- Risk Treatment/Risk Response Options
- Third Party Risk Management
- Issue, Finding and Expectation Management
- Management of Emerging Risk
Control, Design and Implementation
- Control Types, Standards and Frameworks
- Control Design, Selection and Analysis
- Control Implementation
- Control Testing and Effectiveness Evaluation
Day Four
Risk Monitoring and Reporting
- Risk Treatment Plans
- Data Collection, Aggregation, Analysis and Validation
- Risk and Control Monitoring Techniques
- Key Performance Indicators
- Key Risk Indicators
- Key Control Indicators
Day Five
Information Technology Principles
- Enterprise Architecture
- IT Operations Management
- Project Management
- Enterprise Resiliency
- Data Life Cycle Management
- System Development Life Cycle
- Emerging Trends in Technology
