Course Outline
Domain 1: Governance
- 1.1 Governance Frameworks and Principles
  - Understand various governance frameworks (e.g., COSO, COBIT).
  - Principles of effective governance.
- 1.2 Organizational Structure and Culture
  - Roles and responsibilities within the organization.
  - Cultural factors influencing risk management.
- 1.3 Legal and Regulatory Compliance
  - Compliance requirements relevant to IT risk management.
  - Legal implications of non-compliance.
- 1.4 Risk Management Framework
  - Components of a risk management framework.
  - Integration of risk management into organizational processes.
- 1.5 Ethics and Codes of Conduct
  - Ethical considerations in risk management.
  - Importance of adherence to codes of conduct.
Domain 2: IT Risk Assessment
- 2.1 Risk Identification Techniques
  - Methods for identifying IT risks.
  - Risk identification tools and methodologies.
- 2.2 Risk Analysis and Evaluation
  - Quantitative and qualitative risk analysis techniques.
  - Evaluation of risk scenarios and their impact.
- 2.3 IT Asset Valuation
  - Methods for valuing IT assets.
  - Importance of asset valuation in risk assessment.
- 2.4 Threat and Vulnerability Identification
  - Identification of IT threats and vulnerabilities.
  - Techniques for assessing the likelihood and impact of threats.
Domain 3: Risk Response and Reporting
- 3.1 Risk Response Options
  - Strategies for responding to identified risks.
  - Risk treatment options (avoidance, mitigation, transfer, acceptance).
- 3.2 Control Selection and Implementation
  - Selection of appropriate controls based on risk assessment.
  - Implementation of controls to mitigate risks effectively.
- 3.3 Risk Monitoring and Communication
  - Methods for monitoring and measuring risk over time.
  - Effective communication of risk information to stakeholders.
- 3.4 Incident Response and Management
  - Incident response planning and execution.
  - Post-incident analysis and lessons learned.
Domain 4: Information Technology and Security
- 4.1 IT Concepts and Architecture
  - Fundamental concepts of IT architecture.
  - Components of IT systems and their interrelationships.
- 4.2 Information Security Fundamentals
  - Principles of information security management.
  - Common security controls and their implementation.
- 4.3 Emerging Technology Trends
  - Current trends in technology (e.g., cloud computing, IoT).
  - Implications of emerging technologies on risk management.
- 4.4 Security Policies, Standards, and Procedures
  - Development and implementation of security policies.
  - Adherence to industry standards and best practices.
21 Hours
Testimonials (3)
Overview of Risk topics and preparing for exam
Leszek - EY GLOBAL SERVICES (POLAND) SP Z O O
Course - CRISC - Certified in Risk and Information Systems Control
Trainer's knowledge and experience in this field
Marcin - EY GLOBAL SERVICES (POLAND) SP Z O O
Course - CRISC - Certified in Risk and Information Systems Control
Questions that help me a lot to understand the characteristics of the CRISC examination.