CERTIFIED RISK AND INFORMATION SYSTEMS CONTROL (CRISC) TRAINING

This official ISACA CRISC certification course provides you with in-depth coverage on the four CRISC domains: risk identification; IT risk assessment; risk response and mitigation; risk and control monitoring and reporting. IT and enterprise risk management is key to an organization’s operations and strategy. If you are an IT professional, risk and control professional, business analyst, project manager or compliance professional, this Certified Risk and Information Systems Control training course will teach you to defend, protect and future-proof your enterprise.

CRISC certification at XCEED prepares IT professionals for enterprise risk management’s unique challenges. The training program enables them to become strategic partners to the enterprise.

CRISC is the most current and rigorous assessment available to evaluate IT professionals’ risk management proficiency and other employees within an enterprise or financial institute.

Those who earn CRISC help enterprises understand business risks and have the technical knowledge to implement appropriate IS controls

PREREQUISITES

Professional experience within risk management/control for a minimum of 3 years is required for CRISC certification.

• IT Risk Identification
• IT Risk Assessment
• Risk Response and Mitigation
• Risk and Control Monitoring and Reporting

TARGET AUDIENCE

• CEOs/CFOs
• Chief Audit Executives
• Audit Partners/Heads
• CIOs/CISOs
• Chief Compliance/Privacy/Risk Officers
• Security Managers/Directors/Consultants
• IT Directors/Managers/Consultants
• Audit Directors/Managers/Consultant

COURSE OUTCOMES

Since its introduction in 2010, more than 24,000 professionals have obtained ISACA®’s Certified in Risk and Information Systems Control™ (CRISC™) certification. The designation demonstrates to employers that the holder is able to identify, evaluate and manage information systems and technology risk, and help enterprises achieve their business objectives.

1. Identifying IT Risk:

• Proficiency in this realm validates the expertise required to identify the universeof IT risk in order to contribute to the execution of the IT risk management strategy, in support of business objectives and in alignment with the enterprise risk management (ERM) strategy.
• Domain 1 confirms one’s ability to recognize and gauge threats and vulnerabilities to the organization’s people, processes and technology.

2. Assessing IT Risk:

• Exam success demonstrates the advanced ability to analyze and evaluate IT risk to determine the likelihood and impact on business objectives, in order to enable risk-based decision making.
• Domain 2 attests to advanced skill in identifying the current state of existing controls and evaluating their effectiveness for IT risk mitigation.

3. Risk Response and Mitigation:

• This key job practice area verifies expertise in determining risk response options while evaluating their efficiency and effectiveness to manage risk in alignment with business objectives.
• Domain 3 tests your ability to select and implement informed risk decisions that are well-aligned and enunciated throughout the organization.

4. Risk and Control Monitoring and Reporting:

• The final job practice area assesses your capacity to continuously monitor and report on
• IT risk and controls to relevant stakeholders, so as to ensure the effectiveness of the IT risk management strategy and its alignment with business objectives.
• Domain 4 assesses your ability to define and establish key risk indicators (KRIs) and thresholds based on available data, to enable monitoring of changes in risk