CRISC training from CertsLearning, aligned to ISACA 2015, ensures you ace the exam in the first attempt. The training is designed to excel you in tasks such as managing the IT risks, design, implementation, monitoring and maintenance of IS controls.
CRISC®- Certified in Risk and Information Systems Control
By the end of this training you will:
- Demonstrate efficiency in designing, implementing, monitoring and maintaining the IS controls of the enterprise
- Acquire the relevant knowledge and skills required to clear the CRISC certification exam
- Earn the requisite 20 CPEs required to take up the CRISC certification exam
- Develop a working knowledge of the 4 domains areas as prescribed by ISACA –Exam Candidate Information Guide 2015.
CRISC certification is a globally recognized professional requirement in the IT Security domain. This certification is most suited for:
- CEOs/CFOs
- Chief Audit Executives
- Audit Partners/Heads
- CIOs/CISOs
- Chief Compliance/Privacy/Risk Officers
- Security Managers/Directors/Consultants
- IT Directors/Managers/Consultants
- Audit Directors/Managers/Consultant
Certified in Risk and Information Systems Control(CRISC®)
1
Domain 00 – Introduction to CRISC®
- 0.1 Introduction to CRISC®
- 0.2 Objectives
- 0.3 CRISC®
- 0.4 About ISACA
- 0.5 About ISACA® (contd.)
- 0.6 CRISC® Domains
- 0.7 Value of CRISC®
- 0.8 Requirements for CRISC® certification
- 0.9 CRISC® Exam
- 0.10 Quiz
- 0.11 Summary
- 0.12 conclusion
2
Domain 01 – Risk Indentification
- 1.1 Risk Indentification
- 1.2 Objectives
- 1.3 Task Statements
- 1.4 Knowledge Check
- 1.5 Knowledge Statements
- 1.6 IT Risk Concepts
- 1.7 Information Security Risk Concepts
- 1.8 Information Security Risk Concepts (contd)
- 1.9 Information Security Risk Concepts: Confidentiality
- 1.10 Information Security Risk Concepts: Integrity
- 1.11 Information Security Risk Concepts: Availability
- 1.12 Information Security Risk Concepts: Segregation of Duties
- 1.13 Information Security Risk Concepts: Authentication
- 1.14 Information Security Risk Concepts: IAAA
- 1.15 Knowledge Check
- 1.16 Information Security Risk Concepts: Identity Management
- 1.17 Information Security Risk Concepts: Identity Management
- 1.18 Knowledge Check
- 1.19 Risk Management Standards and Frameworks
- 1.20 COBIT 5 for Risk
- 1.21 ISO/IEC 27001 Series
- 1.22 ISO/IEC: 27005
- 1.23 Risk Identification Frameworks
- 1.24 Threats and Vulnerabilities Related to Assets
- 1.25 Risk Factors
- 1.26 Risk Factors (contd.)
- 1.27 Elements of Risk
- 1.28 Assets
- 1.29 Assets (contd.)
- 1.30 Threats
- 1.31 Threats (contd.)
- 1.32 Vulnerabilities
- 1.33 Vulnerabilities (contd.)
- 1.34 Vulnerabilities Assessment
- 1.35 Penetration Testing
- 1.36 Penetration Testing (contd.)
- 1.37 Knowledge Check
- 1.38 Developing Risk Scenarios
- 1.39 Benefits of Using Risk Scenarios
- 1.40 Risk Scenario Development Tools and Techniques
- 1.41 Risk Scenario Development Tools and Techniques (contd.)
- 1.42 Risk Scenario Development Tools and Techniques (contd.)
- 1.43 Knowledge Check
- 1.44 Risk Communication, Awareness, and Culture
- 1.45 The Risk Awareness Program
- 1.46 The Risk Awareness Program (contd.)
- 1.47 Risk Management Strategy
- 1.48 Organizational Structures and Impact on Risk
- 1.49 Organization Structures and Impact on Risk: RACI Model
- 1.50 Organizational Culture, Ethics and Behavior, and the Impact on Risk
- 1.51 Organizational Culture, Ethics and Behavior, and the Impact on Risk (contd.)
- 1.52 Knowledge Check
- 1.53 Compliance With Laws, Regulations, Standards, and Compliance Requirements
- 1.54 Establishing an Enterprise Risk Management Approach
- 1.55 Risk Register
- 1.56 Risk Register (contd.)
- 1.57 Knowledge Check
- 1.58 Principles of Risk and Control Ownership
- 1.59 Principles of Risk and Control Ownership (contd.)
- 1.60 Risk Appetite and Tolerance
- 1.61 Risk Acceptance
- 1.62 Risk Acceptance (contd.)
- 1.63 Quiz
- 1.64 Summary
- 1.65 Summary (contd.)
- 1.66 Conclusion
3
Domain 02 – Risk Assessment
- 2.1 Risk Assessment
- 2.2 Objectives
- 2.3 Task Statements
- 2.4 Knowledge Statements
- 2.5 Knowledge check
- 2.6 Risk Assessment Techniques
- 2.7 Risk Assessment Techniques (contd.)
- 2.8 Risk Assessment Techniques (contd.)
- 2.9 Risk Scenarios Analysis
- 2.10 Risk Scenarios Analysis: Organizational Structure and Culture
- 2.11 Risk Scenarios Analysis: Policies
- 2.12 Risk Scenarios Analysis: Policies (contd.)
- 2.13 Risk Scenarios Analysis: Standards and Procedures
- 2.14 Knowledge check
- 2.15 Risk Scenarios Analysis: Technology
- 2.16 Risk Scenarios Analysis: Architecture
- 2.17 Risk Scenarios Analysis Controls
- 2.18 Risk Scenarios Analysis Controls (contd.)
- 2.19 Risk Analysis Methodologies
- 2.20 Risk Analysis Methodologies: Quantitative Risk Assessment
- 2.21 Risk Analysis Methodologies: Qualitative Risk Assessment
- 2.22 Knowledge check
- 2.23 Risk Analysis Methodologies: Semi-quantitative Risk Assessment
- 2.24 Risk Analysis Methodologies: Semi-quantitative Risk Assessment(contd)
- 2.25 Risk Ranking
- 2.26 OCTAVE®
- 2.27 Knowledge Check
- 2.28 Control Assessment: Current State of Controls
- 2.29 Control Assessment: Current State of Controls (contd.)
- 2.30 Control Assessment: Current State of Controls (contd.)
- 2.31 Control Assessment: Logs
- 2.32 Control Assessment: Logs (contd.)
- 2.33 Current State of Controls: Vulnerability Assessments and Penetration Testing
- 2.34 Control Assessment: Vulnerability Assessments and Penetration Testing
- 2.35 Knowledge Check
- 2.36 Risk Evaluation and Impact Assessment: Risk and Control Analysis
- 2.37 Risk and Control Analysis: Data Analysis
- 2.38 Risk and Control Analysis: Data Analysis
- 2.39 Risk and Control Analysis: Threat and Misuse Case Modelling
- 2.40 Risk and Control Analysis: Root Cause Analysis
- 2.41 Risk and Control Analysis: Gap Analysis
- 2.42 Risk and Control Analysis: Gap Analysis (contd.)
- 2.43 Third-Party Management
- 2.44 Third-Party Management: Outsourcing
- 2.45 Cloud
- 2.46 Knowledge check
- 2.47 Third-Party Management: Contractual Requirements
- 2.48 IT Operations Management
- 2.49 IT Operations Management (contd)
- 2.50 System Development Lifecycle
- 2.51 System Development Lifecycle (contd.)
- 2.52 System Development Lifecycle (contd.)
- 2.53 Emerging Technologies
- 2.54 Emerging Technologies (contd.)
- 2.55 Knowledge Check
- 2.56 Enterprise Architecture
- 2.57 Enterprise Architecture: Hardware
- 2.58 Enterprise Architecture: Hardware (contd.)
- 2.59 Enterprise Architecture: Hardware (contd.)
- 2.60 Enterprise Architecture: Software
- 2.61 Enterprise Architecture: Software (contd)
- 2.62 Knowledge Check
- 2.63 Enterprise Architecture: Applications
- 2.64 Enterprise Architecture: Applications (contd.)
- 2.65 Enterprise Architecture: Utilities
- 2.66 Enterprise Architecture: Software Utilities
- 2.67 Knowledge Check
- 2.68 Enterprise Architecture: Platforms
- 2.69 Enterprise Architecture: Network Components
- 2.70 Enterprise Architecture: Network Components (contd.)
- 2.71 Enterprise Architecture: Network Components
- 2.72 Enterprise Architecture: Network Components (contd.)
- 2.73 Enterprise Architecture: Network Components - Cabling
- 2.74 Enterprise Architecture: Network Components - Cabling
- 2.75 Knowledge Check
- 2.76 Enterprise Architecture: Network Components-Repeaters
- 2.77 Enterprise Architecture: Network Components - Switches
- 2.78 Enterprise Architecture Network: Components - Switches (contd.)
- 2.79 Enterprise Architecture: Network Components - Routers
- 2.80 Enterprise Architecture: Network Components - Routers (contd.)
- 2.81 Enterprise Architecture: Network Components - Routers (contd.)
- 2.82 Enterprise Architecture: Network Components-Firewalls
- 2.83 Knowledge Check
- 2.84 Enterprise Architecture: Network Components-Firewalls
- 2.85 Enterprise Architecture: Network Components-Proxy
- 2.86 Enterprise Architecture: Network Components-Domain Name System
- 2.87 Enterprise Architecture: Network Components-Wireless Access Points
- 2.88 Enterprise Architecture: Network Components-Other Network Devices
- 2.89 Enterprise Architecture: Network Architecture
- 2.90 Enterprise Architecture: Network Architecture
- 2.91 Enterprise Architecture: Network Architecture (contd.)
- 2.92 Knowledge Check
- 2.93 Quiz
- 2.94 Summary
- 2.95 Summary (contd.)
- 2.96 Conclusion
4
Domain 03 – Risk Response
- 3.1 Risk Response
- 3.2 Objectives
- 3.3 Task Statements
- 3.4 Knowledge Statements
- 3.5 Knowledge Check
- 3.6 Overview
- 3.7 Risk Response Options
- 3.8 Response Risk Options: Risk Acceptance
- 3.9 Risk Response Options: Risk Acceptance (contd.)
- 3.10 Risk Response Options: Risk Mitigation
- 3.11 Risk Response Options: Risk Avoidance
- 3.12 Risk Response Options: Risk Avoidance (contd.)
- 3.13 Risk Response Options: Risk Sharing
- 3.14 Knowledge Check
- 3.15 Response Analysis
- 3.16 Response Analysis (contd.)
- 3.17 Response Response Options: Risk Acceptance
- 3.18 Response Analysis: Return on Investment
- 3.19 Response Analysis: Return on Investment (contd.)
- 3.20 Risk Response: Plans Developing a Risk Response Plan
- 3.21 Risk Response: Plans Developing a Risk Response Plan (contd.)
- 3.22 Risk Response: Plans Developing a Risk Response Plan (contd.)
- 3.23 Knowledge Check
- 3.24 Risk Response: Plans Developing a Risk Response Plan (contd.)
- 3.25 Risk Response: Plans Developing a Risk Response Plan (contd.)
- 3.26 Control Objectives and Practices
- 3.27 Control Objectives and Practices: Business Processes
- 3.28 Control Objectives and Practices: Information Security
- 3.29 Control Objectives and Practices:Information Security (contd.)
- 3.30 Knowledge Check
- 3.31 Control Objectives and Practices: Third-party Management
- 3.32 Control Objectives and Practices: Third-party Management (contd.)
- 3.33 Control Objectives and Practices: Data Management
- 3.34 Control Objectives and Practices: Data Management (contd.)
- 3.35 Control Objectives and Practices: Data Management-Cryptography
- 3.36 Knowledge Check
- 3.37 Control Objectives and Practices: Information Systems Architecture
- 3.38 Control Objectives and Practices: Information Systems Architecture (contd.)
- 3.39 Knowledge Check
- 3.40 Control Objectives and Practices: Information Systems Architecture (contd.)
- 3.41 Control Objectives and Practices: Information Systems Architecture (contd.)
- 3.42 Control Objectives and Practices: Information Systems Architecture (contd.)
- 3.43 Control Objectives and Practices: Information Systems Architecture (contd.)
- 3.44 Control Objectives and Practices: Information Systems Architecture (contd.)
- 3.45 Control Objectives and Practices: Information Systems Architecture (contd.)
- 3.46 Control Objectives and Practices: Information Systems Architecture (contd.)
- 3.47 Control Objectives and Practices: Information Systems Architecture (contd.)
- 3.48 Knowledge Check
- 3.49 Control Ownership
- 3.50 Systems Control Design Implementation
- 3.51 Systems Control Design Implementation: Unit Testing
- 3.52 Systems Control Design Implementation: System Testing
- 3.53 Systems Control Design Implementation: System Testing (contd.)
- 3.54 Systems Control Design Implementation: System Testing (contd.)
- 3.55 Knowledge Check
- 3.56 Systems Control Design Implementation: Quality Assurance
- 3.57 Systems Control Design Implementation: Quality Assurance (contd.)
- 3.58 Systems Control Design Implementation: Others
- 3.59 Systems Control Design Implementation: Go-live Techniques
- 3.60 Systems Control Design Implementation: Post-implementation Review
- 3.61 Systems Control Design Implementation: Project Closeout
- 3.62 Knowledge Check
- 3.63 Controls and Countermeasures
- 3.64 Controls and Countermeasures: Control Matrix
- 3.65 Controls and Countermeasures: Control Standards and Frameworks
- 3.66 Controls and Countermeasures: Categories of Controls Interactivity
- 3.67 Knowledge Check
- 3.68 Business Continuity and Disaster Recovery Management
- 3.69 Business Continuity and Disaster Recovery Management (contd.)
- 3.70 Business Continuity and Disaster Recovery Management (contd.)
- 3.71 Business Continuity and Disaster Recovery Management (contd.)
- 3.72 Knowledge Check
- 3.73 Exception Management
- 3.74 Risk Ownership and Accountability
- 3.75 Inherent and Residual Risk
- 3.76 Inherent and Residual Risk (contd.)
- 3.77 Inherent and Residual Risk (contd.)
- 3.78 Quiz
- 3.79 Summary
- 3.80 Summary (contd.)
- 3.81 Conclusion
5
Domain 04 – Risk and Control Monitoring and Reporting
- 4.1 Risk and Control Monitoring and Reporting
- 4.2 Objectives
- 4.3 Task Statements
- 4.4 Knowledge Statements
- 4.5 Knowledge Check
- 4.6 Key Risk Indicators (KRIs)
- 4.7 KRIs Selection
- 4.8 Benefits of KRIs
- 4.9 KRIs Effectiveness
- 4.10 KRIs Optimization
- 4.11 Knowledge Check
- 4.12 KRIs Maintenance
- 4.13 Data Collection
- 4.14 Data Collection (contd.)
- 4.15 Knowledge Check
- 4.16 Monitoring Controls
- 4.17 Monitoring Controls (contd.)
- 4.18 Monitoring controls (contd.)
- 4.19 Control Assessment
- 4.20 Knowledge Check
- 4.21 Vulnerability Assessments
- 4.22 Penetration Testing
- 4.23 Third-party Assurance
- 4.24 Results of Control Assessments
- 4.25 Maturity Model Assessment and Improvement Techniques
- 4.26 Capability Maturity Model
- 4.27 Knowledge Check
- 4.28 IT Risk Profile
- 4.29 Quiz
- 4.30 Summary
- 4.31 Conclusion
- 4.32 Thank you
You get access to our e-learning content along with the practice simulation tests that help you tackle the toughest of the exam questions. You will also get an online participant handbook with cross references to the e-learning for reinforcement of your learning.
No. The exam fee is not included in the course fee as it is directly paid to ISACA for the membership, application and examination.
ISACA uses and reports scores on a common scale from 200 to 800. For example, the scaled score of 800 represents a perfect score with all questions answered correctly; a scaled score of 200 is the lowest score possible and signifies that only a small number of questions were answered correctly. You need to achieve a score of 450 or higher to pass the CRISC® Exam.
After successful completion of the training, you will be awarded the course completion certificate along with the 20 CPE hour certificate from Certs Learning.
CRISC exam is conducted thrice in a year in the months of July, September and December. To find the exam locations & dates go to (www.isaca.org/certification/pages/exam-locations.aspx)
If you are unable to take the exam, you can request a deferral of your registration fees to the next exam date. To learn more about deferring your exam, including deferral deadlines and costs, please visit http://www.isaca.org/certification/pages/exam-deferral.aspx.
Yes, we do provide assistance for the exam application process. You can state your queries on community.CertsLearning and get them answered along with any other query or concern that you might have about the course.
Our CRISC course is developed to deliver a first attempt pass rate of 100%. With a hands-on learning approach, the training not only gives you the confidence to clear the exam but also helps you retain the knowledge beyond the examination.
Contact us using the form on the right of any page on the Simplilearn website, or select the Live Chat link. Our customer service representatives will be able to give you more details.
No announcements at this moment.
Be the first to add a review.
Please, login to leave a review
