The Certified Risk Information Systems Control training course provides delegates with valuable technical skills, which ensure success and prosperity in the realm of IT security. The CRISC certification is a powerful manifestation of proficiency and expertise regarding various areas of risk. As well as this, CRISC demonstrates a commitment to IT security operations and enterprises, and a willingness to deliver quality within their profession.
Interested in attending? Have a suggestion about running this event near you?
Register your interest now
Description
Module 1: Risk Identification
Lessons:
- Risk Identification Objectives
- Risk Identification Overview
- Concepts of IT Risk
- Risk Management Standards
- Risk Identification Frameworks
- Assets
- Threats
- Vulnerabilities
- Elements of Risk
- Penetration Testing
- COBIT 5
- ISO
- Risk Scenarios
- Communicating Risk
- Risk Awareness
- Organisational Structures and Culture
- Risk within the Enterprise
- Compliance
- Principles of Risk
- Conclusion
Module 2: Risk Assessment
Lessons:
- Risk Assessment Objectives
- Risk Assessment Overview
- Risk Assessment Techniques
- Risk Assessment Analysis
- Methodologies
- Control Assessment
- Risk Evaluation and Impact Assessment
- Risk and Control Analysis
- Third Party Management
- System Development Lifecycle
- Developing Technologies
- Enterprise Architecture
- Conclusion
Module 3: Risk Response and Mitigation
Lessons:
- Risk Response and Mitigation Objectives
- Risk Response and Mitigation Overview
- Risk Response Options
- Response Analysis
- Risk Response Plans
- Control Objectives and Practices
- Control Ownership
- Systems Control Design Implementation
- Control and Countermeasures
- Business Continuity
- Disaster Recovery
- Risk Accountability
- Inherent and Residual Risk
- Conclusion
Module 4: Risk and Control Monitoring and Reporting
Lessons:
- Risk and Control Monitoring and Reporting Objectives
- Risk and Control Monitoring and Reporting Overview
- Key Risk Indicators (KRIs)
- Data Collection
- Monitoring Controls
- Control Assessments
- Penetration Testing
- Vulnerability Assessments
- Third Party Assurance
- Maturity Model Assessment
- Techniques for Improvement
- Capability Maturity Model
- IT Risk Profile
- Conclusion
Audience Profile
Certified in Risk and Information Systems Control (CRISC) is specially designed for IT Professionals.
Prerequisites
Professional experience within risk management/control for a minimum of 3 years is required for CRISC certification. You should be familiar with the CRISC job practice domains before attending.