en
fr
Management Training

(CRISC) Certified In Risk and Information System Control

This 3-Day training prepares the professionals who want to pass the ISACA’s Certified in Risk and Information System Control CRISC® exam. The program covers the four key areas covered in the exam: Governance, IT Risk Assessment, Risk Response and Reporting, Information Technology and Security The program is aligned on the latest Edition (7th) of the CBK (Common Body of Knowledge) from the ISACA®CRISC® certification is recognised around the world.

Who should attend this course?
  • Job roles that can benefit from CRISC® training include, but are not limited to: CISO, Information Security consultants, Governance Consultants, Cybersecurity Consultants, IT professionals, Risk professionals, Control professionals, Project managers, Business analysts, Compliance professionals, Auditors
  • CRISC® exam candidates and anyone keen to improve their knowledge in the field of risk management and IS control.
  • Participants who have completed an ISO 27005 or ISO 31000 course
  • People working with an ERM (Enterprise Risk Management) framework
Prerequisites
  • There is no prerequisite to take the CRISC® exam; however, in order to apply for CRISC® certification, you must meet the necessary experience requirements as determined by ISACA.
  • Participants should have a basic knowledge of the areas to be covered. The course consists of intense preparation for the certification exam.
  • English is required for the exam.

EDUCATIONAL OBJECTIVES

  • Master the risk management approach according to the CRISC®
  • Apply the best responses strategies to the risks weighing on the information system
  • Use best risk monitoring practices
  • Define information system controls
  • Use best practices to monitor and maintain these controls

CERTIFICATION

  • Candidates must apply for certification within 5 years of having passed the exam.
  • A minimum of 3-year experience of cumulative work experience performing the tasks of a CRISC® professional across at least two of the four CRISC® domains is required for the certification. Of these two domains, one must be in either domain 1 or 2.
  • Adhere to the ISACA® code of Professional Ethics
  • Agree to comply with the CRISC® continuing education policy.

Day One: Introduction & Chapter 1: Governance

  • Organizational Strategy, Goals and Objectives
  • Organization structure, Roles and Responsibilities
  • Organizational Structure
  • Policies and Standards
  • Business Process Review
  • Organization assets
  • Enterprise Risk Management and Risk Management Frameworks
  • Three Lines of Defence
  • Risk Profile
  • Risk Appetite, Tolerance and Capacity
  • Legal, Regulatory and Contractual Requirements
  • Exercises – Multiple Choice questions in between chapters and at the end of each chapter

Day Two: Chapter 2: IT Risk Assessment

  • Risk Events
  • Threat Modelling and Threat landscape
  • Vulnerability and Control Deficiency Analysis
  • Risk Scenario Development
  • Risk Assessment Concepts, Standards and Frameworks
  • Risk Register
  • Risk Analysis Methodologies
  • Business Impact Analysis
  • Inherent, Residual and Current risk
  • Exercises – Multiple Choice questions in between chapters and at the end of each chapter

Day Three: Chapter 3: Risk Response and Reporting 

  • Risk and Control Ownership
  • Risk Treatment/Risk Response Options
  • Third-party Risk Management
  • Issues, Finding and Exception Management
  • Management of Emerging risk
  • Control Types, Standards and Frameworks
  • Control Design, Selection and Analysis
  • Control Implementation
  • Control Testing and Effectiveness Evaluation
  • Risk Treatment Plans
  • Data Collection, Aggregation, Analysis and Validation
  • Risk and Control Monitoring Techniques
  • Risk and Control Reporting Techniques
  • Key Performances Indicators
  • Key Risk Indicators
  • Key Control Indicators
  • Exercises – Multiple Choice questions in between chapters and at the end of each chapter

Day Four: Chapter 4: Information Technology and Security

  • Enterprise Architecture
  • IT Operations Management
  • Project Management
  • Enterprise Resiliency
  • Data Life Cycle Management
  • System Development Life Cycle
  • Emerging Trends in Technology
  • Information Security Concepts, Frameworks and Standards
  • Information Security Awareness Training
  • Data Privacy and Principles of Data Protection
  • Exercises – Multiple Choice questions in between chapters and at the end of each chapter

Preparation for the exam

  • Multiple Choice Questions (MCQ) like the exam and correction performed together
  • Discussion and exchanges, hints, and tips to pass the exam.
  • Blank Exam 150 MCQs
  • Registration is to be made on the site www.isaca.org
  • The exam consists of 150 MCQs that cover the CRISC® job practice domains.

Practical information

Duration

4 Days

Languages

EN

Price

€ 2760 + 3% VAT

Location

Classroom Course

Schedule

Guaranteed to run

Sessions in English
24-27/01/2025Book
02-05/06/2025Book
06-09/10/2025Book
01-04/12/2025Book
Sessions in Dutch
Contact us for more infoBook
Sessions in French
Contact us for more infoBook

Share this course on

Book your training

Enter your information to confirm your booking.

    You might also be interested in

    Prerequisite test

    Take the test

    Looking for a tailor made solution?

    Get started with personal training