Call Now

+92 312 0490601

Certified in Risk and Information Systems Control (CRISC) Enrollment Form


Need Help?
Get instant support from our team

Chat on WhatsApp

ISACA

Certified in Risk and Information Systems Control (CRISC)

Course Outline

Module 01: Governance

Organizational Governance
  • Organizational Strategy, Goals, and Objectives
  • Organizational Structure, Roles and Responsibilities
  • Organizational Culture
  • Policies and Standards
  • Business Processes
  • Organizational Assets

 

Risk Governance
  • Enterprise Risk Management and Risk Management Framework
  • Three Lines of Defense
  • Risk Profile
  • Risk Appetite and Risk Tolerance
  • Legal, Regulatory and Contractual Requirements
  • Professional Ethics of Risk Management

 

Module 02: IT Risk Assessment

It Risk Identification
  • Risk Events (e.g., contributing conditions, loss result)
  • Threat Modelling and Threat Landscape
  • Vulnerability and Control Deficiency Analysis (e.g., root cause analysis)
  • Risk Scenario Development

 

It Risk Analysis and Evaluation
  • Risk Assessment Concepts, Standards and Frameworks
  • Risk Register
  • Risk Analysis Methodologies
  • Business Impact Analysis
  • Inherent and Residual Risk

 

Module 03: Risk Response and Reporting

Risk Response
  • Risk Treatment / Risk Response Options
  • Risk and Control Ownership
  • Third-Party Risk Management
  • Issue, Finding and Exception Management
  • Management of Emerging Risk

 

Control Design and Implementation
  • Control Types, Standards and Frameworks
  • Control Design, Selection and Analysis
  • Control Implementation
  • Control Testing and Effectiveness Evaluation

 

Risk Monitoring and Reporting
  • Risk Treatment Plans
  • Data Collection, Aggregation, Analysis and Validation
  • Risk and Control Monitoring Techniques
  • Risk and Control Reporting Techniques (heatmap, scorecards, dashboards)
  • Key Performance Indicators
  • Key Risk Indicators (KRIs)
  • Key Control Indicators (KCIs)

 

Module 04: Information Technology and Security

Information Technology Principles
  • Enterprise Architecture
  • IT Operations Management (e.g., change management, IT assets, problems, incidents)
  • Project Management
  • Disaster Recovery Management (DRM)
  • Data Lifecycle Management
  • System Development Life Cycle (SDLC)
  • Emerging Technologies

 

Information Security Principles
  • Information Security Concepts, Frameworks and Standards
  • Information Security Awareness Training
  • Business Continuity Management
  • Data Privacy and Data Protection Principles

 

About this course

$ 150

Start Your Enrollment
}

Duration

40hrs

Module

4

Need Help?
Get instant support from our team

Chat on WhatsApp

$ 150

Enroll Now
}

8

Module

6