TRENDS is authorized to promote and deliver ISACA courses in partnership with Trainocate. 'ISACA Logo is a registered trademark of ISACA. All rights reserved.

Certified in Risk and Information Systems Control

Schedule

Start End Duration Location Details

Course Details

Certified in Risk and Information Systems Control

Course code: CRISC

Duration: 5 Days


Course Description:

The technical knowledge and practices that CRISC evaluates and promotes are the building blocks of victory in the field.
After qualifying this certification, a professional can be hired as a senior IT auditor, security engineer architect, IT security analyst, or information assurance program manager.
The CRISC is designed for professionals who have three years of experience in professional-level risk control and management. To get the CRISC credential, a professional must: Concur to abide by the CRISC Continuing Education Policy Pass the CRISC exam Stick to the ISACA Code of Professional Ethics.

Course Objectives:

Upon Completion of this Course, you will accomplish following:
•    prepare for the Certified in Risk and Information Systems Control exam.
•    understanding enterprise risk.
•    plan, execute, scrutinize and retain information systems controls.
•    risk: identification, evaluation, assessment, response, and monitoring.
•    IS control design and execution.
•    IS control maintenance and monitoring.

Course Outlines:

Day 1:
Domain 1: IT risk Identification
•    Risk capacity, risk appetite, and risk tolerance
•    Risk culture and communication
•    Elements of risk
•    Information security risk concepts and principles
•    The IT risk strategy of the business
•    IT concepts and areas of concern for the risk practitioner
•    Methods of risk identification
•    IT risk scenarios
•    Ownership and accountability
•    The IT risk register
•    RISK awareness    

Day 2: 
Domain 2: IT Risk Assessment 
•    Risk assessment techniques 
•    Analyzing risk scenarios 
•    Current state of controls 
•    Changes in the risk environment 
•    Project and program management 
•    Risk and controls analysis 
•    Risk analysis methodologies 
•    Risk ranking o Documenting risk assessment

Day 3: 
Domain 3: Risk Response and Mitigation 
•    Aligning risk response with business objectives 
•    Risk response options 
•    Analysis techniques 
•    Vulnerabilities associated with new controls 
•    Developing a risk action plan 
•    Business process review tools and techniques 
•    Control design and implementation 
•    Control monitoring and effectiveness 
•    Type of risk 
•    Control activities, objectives, practices and metrics 
•    Systems control design and implementation 
•    Impact of emerging technologies on design and implementation of controls 
•    Control ownership 
•    Risk management procedures and documentation 

Day 4: 
Domain 4: Risk and Control Monitoring and Reporting 
•    Key risk indicators 
•    Key performance Indicators 
•    Data collection and extraction tools and techniques 
•    Monitoring controls 
•    Control assessment types 
•    Results of control assessment 
•    Change to the IT risk profile

Day 5: 
•    Exam Preparation