TRENDS is authorized to promote and deliver ISACA courses in partnership with Trainocate. ISACA Logo is a registered trademark of ISACA. All rights reserved.
Certified in Risk and Information Systems Control
Course Details
Certified in Risk and Information Systems Control
Course code: CRISC
Duration: 5 Days
Course Description:
The technical knowledge and practices that CRISC evaluates and promotes are the building blocks of success in the field.
After earning this certification, a professional can be hired as a senior IT auditor, security engineer architect, IT security analyst, or information assurance program manager.
The CRISC is designed for professionals who have three years of experience in professional-level risk control and management. To get the CRISC credential, a professional must:
• Agree to abide by the CRISC Continuing Education Policy
• Pass the CRISC exam
• Adhere to the ISACA Code of Professional Ethics
Course Objectives:
Upon completion of this course, you will accomplish the following:
• Prepare for the Certified in Risk and Information Systems Control exam.
• Understand enterprise risk.
• Plan, execute, scrutinize and retain information systems controls.
• Risk: identification, evaluation, assessment, response, and monitoring.
• IS control design and execution.
• IS control maintenance and monitoring.
Course Outline:
Day 1:
Domain 1: IT Risk Identification
• Risk capacity, risk appetite, and risk tolerance
• Risk culture and communication
• Elements of risk
• Information security risk concepts and principles
• The IT risk strategy of the business
• IT concepts and areas of concern for the risk practitioner
• Methods of risk identification
• IT risk scenarios
• Ownership and accountability
• The IT risk register
• Risk awareness
Day 2:
Domain 2: IT Risk Assessment
• Risk assessment techniques
• Analyzing risk scenarios
• Current state of controls
• Changes in the risk environment
• Project and program management
• Risk and controls analysis
• Risk analysis methodologies
• Risk ranking
• Documenting risk assessment
Day 3:
Domain 3: Risk Response and Mitigation
• Aligning risk response with business objectives
• Risk response options
• Analysis techniques
• Vulnerabilities associated with new controls
• Developing a risk action plan
• Business process review tools and techniques
• Control design and implementation
• Control monitoring and effectiveness
• Type of risk
• Control activities, objectives, practices and metrics
• Systems control design and implementation
• Impact of emerging technologies on design and implementation of controls
• Control ownership
• Risk management procedures and documentation
Day 4:
Domain 4: Risk and Control Monitoring and Reporting
• Key risk indicators
• Key performance indicators
• Data collection and extraction tools and techniques
• Monitoring controls
• Control assessment types
• Results of control assessment
• Change to the IT risk profile
Day 5:
• Exam Preparation