CRISC – CERTIFIED IN RISK AND INFO SYSTEMS CONTROLS
ISACA awards the CRISC qualification to individuals who have the knowledge and expertise to identify and manage risks through the development, implementation and maintenance of information systems.
Launched in 2010, the CRISC certificate is internationally recognized and held by more than 17,000 IT professionals worldwide. The CRISC exam has 150 questions and lasts 4 hours; you need a score of 450/800 to pass.
The CRISC Exam Preparation course is a three-day classroom session that covers the four job practice knowledge domains outlined by ISACA. The sample exam exercises and discussions will help candidates pass the exam, ideally at the first attempt. Delivered in just three days, this course has been designed to maximize time effectiveness and reduce any unnecessary time away from the office.
- Introduce fundamental risk concepts and set a strategy to manage them in support of business objectives and enterprise risk management (ERM).
- Analyze and evaluate IT risk to determine the likelihood and impact on business objectives to enable risk-based decision making.
- Determine risk response options and evaluate their efficiency and effectiveness to manage risk in alignment with business objectives.
- Continuously monitor and report on IT risk and controls to relevant stakeholders to ensure the continued efficiency and effectiveness of the IT risk framework and activities.
WHO SHOULD ATTEND?
- Risk and Security Managers
- CIOs, CISOs and IT Managers
- IT professionals, Auditors
- Compliance professionals
CERTIFIED IN RISK AND INFO SYSTEMS CONTROLS CERTIFICATION
ISACA was incorporated in 1969 by a small group of individuals who recognized a need for a centralized source of information and guidance in the growing field of auditing controls for computer systems. Today, ISACA serves 140,000 professionals in 180 countries.
As an independent, nonprofit, global association, ISACA engages in the development, adoption and use of globally accepted, industry-leading knowledge and practices for information systems. Previously known as the Information Systems Audit and Control Association, ISACA now goes by its acronym only, to reflect the broad range of IT governance professionals it serves.
- Length: 3 days
- Level: Advanced Training. Although this is a high-end course designed for professionals, it delivers fundamental information about risk management and information systems controls. It helps IT experts catch up with best practices in risk definition, analysis and treatment.
- Industry: Audit, Regulation & Compliance
- Prerequisites: General IT experience
- Association: ISACA - Information Systems Audit and Control Association
- Language: English
- This program is worth 21 NASBA CPE credits
1. Introduction – the CRISC overview
»» CRISC job practice areas
»» Risk definitions & organizational context
»» The overall process for risk management
»» Governance versus management of risk
»» Enterprise Risk types
2. Risk definition
»» Key Risk terminologies
»» Responsibilities of risk management
»» Risk culture and integration
»» IT Security concepts (CIA)
»» Threats, vulnerabilities and impacts
»» IT Risk as part of business Risk
3. Risk Identification, Assessment and Evaluation
»» The ISO 31000:2009
»» Risk scenarios development
»» Risk assessment techniques
»» Risk register maintenance
»» Risks and controls
4. Risk Response
»» Selecting controls
»» IT controls effectiveness
»» Residual risks
5. IS Control Design and Implementation
»» Physical security controls
»» Applications risks and controls
»» Network risks and controls
»» Operations controls
»» Business continuity & disaster recovery
»» Data confidentiality controls
6. IS Control Monitoring and Maintenance
»» Risk review and risk profile
»» Key risk indicators
»» Governance and monitoring