Certified in Risk and Information Systems Control
IT and enterprise risk management is key to an organization’s operations and strategy. If you are an IT professional, risk and control professional, business analyst, project manager or compliance professional, this Certified Risk and Information Systems Control training course will teach you to defend, protect and future-proof your enterprise.
About this course
Prepare to obtain the Certified in Risk and Information Systems Control® (CRISC) certification and be recognized among the world’s most-qualified risk professionals. The CRISC Online Review Course provides online, on-demand instruction and is ideal for preparing you for the CRISC certification exam.
The course covers all four of the CRISC domains, and each section corresponds directly to the CRISC job practice. It uses proven instructional design techniques, incorporating video, interactive eLearning modules, downloadable, interactive workbooks, downloadable job aids, case study activities and pre- and post-course assessments.
- Professionals preparing to become CRISC certified
- Risk practitioners
- Students or recent graduates
Domain 1 – Risk Management
- Collect and review environmental risk data
- Identify potential vulnerabilities to people, processes and assets
- Develop IT scenarios based on information and potential impact to the organization
- Identify key stakeholders for risk scenarios
- Establish risk register
- Gain senior leadership and stakeholder approval of the risk plan
- Collaborate to create a risk awareness program and conduct training
Domain 2 – IT Risk Assessment
- Analyze risk scenarios to determine likelihood and impact
- Identify current state of risk controls and their effectiveness
- Determine gaps between the current state of risk controls and the desired state
- Ensure risk ownership is assigned at the appropriate level
- Communicate risk assessment data to senior management and appropriate stakeholders
- Update the risk register with risk assessment data
Domain 3 – Risk Response and Mitigation
- Align risk responses with business objectives
- Develop consult with and assist risk owners with development risk action plans
- Ensure risk mitigation controls are managed to acceptable levels
- Ensure control ownership is appropriately assigned to establish accountability
- Develop and document control procedures for effective control
- Update the risk register
- Validate that risk responses are executed according to risk action plans
Domain 4 – Risk and Control Monitoring and Reporting
- Risk and control monitoring and reporting
- Define key risk indicators (KRIs) and identify key performance indicators (KPIs) to enable performance measurement key risk indicators (KRIs) and key performance indicators (KPIs)
- Determine the effectiveness of control assessments
- Identify and report trends/changes to KRIs/KPIs that affect control performance or the risk profile
At the completion of this course you will be able to:
- Identify the IT risk management strategy in support of business objectives and alignment with the Enterprise Risk Management (ERM) strategy.
- Analyze and evaluate IT risk to determine the likelihood and impact on business objectives to enable risk-based decision making.
- Determine risk response options and evaluate their efficiency and effectiveness to manage risk in alignment with business objectives.
- Continuously monitor and report on IT risk and controls to relevant stakeholders to ensure the continued efficiency and effectiveness of the IT risk management strategy and its alignment with business objectives.
Our Popular Courses
We are always there to support you!
Whether you are looking to accelerate your career, earn your certification, or learn something for personal reasons, Makintouch got you covered.