Skip to main Content

Certified in Risk and Information Systems Control

  • Course Code CRISC
  • Duration 3 days

Course Delivery

Public Classroom Price

SAR8,000.00

excl. VAT

Request Group Training Add to Cart

Course Delivery

This course is available in the following formats:

  • Company Event

    Event at company

  • Public Classroom

    Traditional Classroom Learning

Request this course in a different delivery format.

Course Overview

Top

CRISC is the only certification that prepares and enables IT professionals for the unique challenges of IT and enterprise risk management, and positions them to become strategic partners to the enterprise  helping enterprises accomplish business objectives by designing, implementing, monitoring and maintaining risk-based, efficient and effective IS controls.

The CRISC Exam Preparation course is an intensive, four-day review program to prepare individuals who are planning to sit for the Certified in Risk and Information System Controls™ (CRISC) exam. The course focuses on the key points covered in the CRISC Review Manual 6th Edition and includes class lectures, group discussions, exam practice and answer debriefs. The course is intended for individuals with familiarity with and experience in IT and enterprise risk management.

 

 

Course Schedule

Top
    • Delivery Format: Public Classroom
    • Date: 06-08 September, 2020
    • Location: Doha
    • Delivery Format: Public Classroom
    • Date: 25-27 October, 2020
    • Location: Riyadh

    SAR8,000.00

    • Delivery Format: Public Classroom
    • Date: 08-10 November, 2020
    • Location: Riyadh

    SAR8,000.00

Target Audience

Top

Individuals who are looking to build a greater understanding of the impact of IT risk and how it relates to their organization.

Course Objectives

Top

After completing this course you should be able to:

  • Identify the IT risk management strategy in support of business objectives and alignment with the Enterprise Risk Management (ERM) strategy.
  • Analyze and evaluate IT risk to determine the likelihood and impact on business objectives to enable risk-based decision making.
  • Determine risk response options and evaluate their efficiency and effectiveness to manage risk in alignment with business objectives.
  • Continuously monitor and report on IT risk and controls to relevant stakeholders to ensure the continued efficiency and effectiveness of the IT risk management strategy and its alignment with business objectives.

Course Content

Top

General Exam Information

The Context of IT Risk Management

Domain 1—Risk Management

  • Collect and review environmental risk data
  • Identify potential vulnerabilities to people, processes and assets
  • Develop IT scenarios based on information and potential impact to the organization
  • Identify key stakeholders for risk scenarios
  • Establish risk register
  • Gain senior leadership and stakeholder approval of the risk plan
  • Collaborate to create a risk awareness program and conduct training

Domain 2—IT Risk Assessment

  • Analyse risk scenarios to determine likelihood and impact
  • Identify current state of risk controls and their effectiveness
  • Determine gaps between the current state of risk controls and the desired state
  • Ensure risk ownership is assigned at the appropriate level
  • Communicate risk assessment data to senior management and appropriate stakeholders
  • Update the risk register with risk assessment data

Domain 3—Risk Response and Mitigation

  • Align risk responses with business objectives
  • Develop consult with and assist risk owners with development risk action plans
  • Ensure risk mitigation controls are managed to acceptable levels
  • Ensure control ownership is appropriately assigned to establish accountability
  • Develop and document control procedures for effective control
  • Update the risk register
  • Validate that risk responses are executed according to risk action plans

Domain 4—Risk and Control Monitoring and Reporting

  • Risk and control monitoring and reporting
  • Define key risk indicators (KRIs) and identify key performance indicators (KPIs) to enable performance measurement key risk indicators (KRIs) and key performance indicators (KPIs)
  • Determine the effectiveness of control assessments
  • Identify and report trends/changes to KRIs/KPIs that affect control performance or the risk profile

Practice Exam

Course Prerequisites

Top

Attendees should meet the following prerequisites:

  • There are no prerequisite to take the CRISC exam; however, in order to apply for CRISC certification you must meet the necessary experience requirements as determined by ISACA

Test Certification

Top

Recommended as preparation for the following exam:

  • ISACA CRISC Certification Exam

Please Note: Three (3) or more years of cumulative work experience performing the tasks of a CRISC professional across at least two (2) CRISC domains, of which one must be in Domain 1 or 2, is required for certification. There are no substitutions or experience waivers.


Further Information

Top

Courseware is provided in a digital format, the voucher for courseware access is distributed prior to the start of the class

The CRISC exam is not included in this training course and candidates must book their Computer-Based Testing (CBT) exam session directly with ISACA. Our experience shows that delegates have the highest chance of success if they sit the exam approximately two to four weeks after completing the training course.