Course Overview
The CRISC (Certified in Risk and Information Systems Control) certification training course provides a broad review of the knowledge delegates need for effective implementation of IT and enterprise risk management. CRISC is aimed at security professionals who are responsible for the day-to-day tasks of risk identification, IT risk assessment, risk response and mitigation, and risk and control monitoring and reporting across an organisation.
CRISC Domains
Domain 1: Risk Identification
Domain 2: Risk Assessment
Domain 3: Risk Response and Mitigation
Domain 4: Risk and Control Monitoring and Reporting
Course Delivery Methods
- In-house classroom
- On-site classroom
- Conference centre classroom
- Home virtual, led by a trainer
The Objective of the Course
On completion of the course, the applicant will be able to:
- Understand how to identify, assess and evaluate risk based on standards, frameworks and common practices
- Understand the methods and tools used to identify, assess, classify and evaluate risk, including the relevant qualitative and quantitative techniques for evaluating risk, as well as the structure of business or enterprise objectives
- Understand the possible risk scenarios that enterprise processes, initiatives and activities face, together with the associated vulnerabilities and threats. This includes knowledge of information system architecture, such as networks, databases, platforms, operating systems and applications, and the relevant information security concepts
- Understand the various aspects of the standards, frameworks and practices relevant to IT risk assessment, risk assessment options, return on investment, cost-benefit analysis, and enterprise policies on the risk management process for risk response
- Knowledge of project management and tools including investment, value and portfolio management and development of techniques
- Understand the standards, frameworks and common practices related to risk monitoring, risk ownership principles, the importance of reporting enterprise risk compliance, and the techniques and tools used to accomplish that
- Knowledge of key risk indicators and key performance indicators, and of risk assessment methodology, including tools for data extraction, collation, confirmation and analysis, and management risk monitoring methods such as internal and external audits, regulatory review, and quality and peer review
- Knowledge of standards, frameworks and common practices for information security control design and execution, including tools used to monitor enterprise processes, business security architecture, maturity models, and the methods and practices used for security testing
- Knowledge of enterprise processes, initiatives and control practices, including system architecture such as applications, networks, platforms, operating systems and databases, and the relevant controls for data management, information security, system development life cycle and architecture, as well as third-party management
- Knowledge of project and program management, business continuity and disaster recovery management, IT operations, enterprise processes, and problem and incident management. Other aspects include accreditation practices, certification and governance, risk and compliance tools, as well as training and education methods
Course Features
- Lectures 0
- Quizzes 0
- Duration 10 weeks
- Skill level All levels
- Students 0
- Assessments Yes