Course Code: GES382
Receive an introduction to CRISC, learn about ISACA, and understand values and domains.
Learn how to identify and assess security risks. Cover threats, risk communication, and management strategies.
Study risk assessment techniques, control assessments, control analysis, and emerging technologies.
Explore risk response options, control ownership, countermeasures, exception management, risk ownership, accountability, and inherent and residual risk.
Understand key risk indicators (KRIs), KRI selection, and the benefits of KRIs.
Cover data collection, knowledge checks, third-party assurance, maturity models, and IT risk profiles.
|I. Introduction To CRISC®|
|A.||Introduction To CRISC®|
|E.||Value Of CRISC®|
|F.||Requirements For CRISC® Certification|
|II. Risk Identification|
|A.||Risk Identification and Task Statements|
|B.||IT Risk and Information Security Risk Concepts|
|C.||Risk Management Standards and Frameworks|
|D.||COBIT 5 for Risk and ISO/IEC 27001 Series|
|E.||Risk Identification Frameworks|
|F.||Threats and Vulnerabilities Related to Assets|
|G.||Risk Factors, Assets and Threats|
|H.||Vulnerabilities and Penetration Testing|
|I.||Risk Scenario Development Tools and Techniques|
|J.||Risk Communication, Awareness, and Culture|
|K.||The Risk Awareness Program|
|L.||Risk Management Strategy|
|M.||Organizational Structures and Impact on Risk|
|N.||Organizational Culture, Ethics and Behavior, and the Impact on Risk|
|O.||Compliance With Laws, Regulations, Standards, and Compliance Requirements|
|P.||Establishing an Enterprise Risk Management Approach|
|Q.||Risk Register and Principles of Risk and Control Ownership|
|R.||Risk Appetite and Tolerance and Acceptance|
|III. Risk Assessment|
|A.||Risk Assessment and Task Statements|
|B.||Risk Assessment Techniques and Risk Scenarios Analysis|
|C.||Risk Analysis Methodologies and Risk Ranking|
|E.||Control Assessment and Current State of Controls|
|F.||Risk Evaluation and Impact Assessment|
|G.||Risk and Control Analysis, Third-Party Management, and Cloud|
|H.||IT Operations Management and System Development Lifecycle|
|I.||Emerging Technologies and Enterprise Architecture|
|IV. Risk Response|
|A.||Risk Response Options|
|C.||Control Objectives and Practices|
|E.||Systems Control Design Implementation|
|F.||Controls and Countermeasures|
|G.||Business Continuity and Disaster Recovery Management|
|I.||Risk Ownership and Accountability|
|J.||Inherent and Residual Risk|
|V. Risk and Control Monitoring And Reporting|
|A.||Key Risk Indicators (KRIs)|
|C.||Benefits of KRIs|
|D.||KRIs Effectiveness and Optimization|
|E.||Knowledge Check and KRIs Maintenance|
|F.||Data Collection and Knowledge Check|
|G.||Monitoring Controls and Control Assessment|
|H.||Vulnerability Assessments and Penetration Testing|
|I.||Third-party Assurance and Results of Control Assessments|
|J.||Maturity Model Assessment and Improvement Techniques|
|K.||Capability Maturity Model|
|L.||IT Risk Profile|
Prerequisites for CRISC Certification – 2015 exams and later:
The examination is open to all individuals who have an interest in business and technology risk management as well as the development and implementation of IS controls. All are encouraged to work toward and take the examination. Successful examination candidates will be sent all information required to apply for certification with their notification of a passing score.
Certification is granted initially to individuals who have successfully completed the CRISC exam and meet the following work experience requirements in the fields of IT risk management and IS control. A minimum of at least three (3) years of cumulative work experience performing the tasks of a CRISC professional across at least two (2) of the four (4) CRISC domains is required for certification. Of these two (2) required domains, one (1) must be in either Domain 1 or 2. There are no substitutions or experience waivers.
Once a CRISC candidate has passed the CRISC certification exam and has met the work experience requirements, the final step is to complete and submit the CRISC Application for Certification. Experience must have been gained within the 10-year period preceding the application date for certification or within five years from the date of initially passing the examination. Retaking and passing the examination will be required if the application for certification is not submitted within five years from the passing date of the examination. All experience must be verified independently with employers.
Please click here for more information in exam and certification requirements.
Requirements: This program can be taken from either a Mac or a PC. It is compatible with the Windows XP, MAC OS X 10.4 or later operating systems, Firefox, Chrome, or IE 7 and later browsers. There are no specific computer requirements other than 512MB of RAM (we recommend 1GB or more), an Internet connection and e-mail account.
Yes, because ed2go programs are online you never have to actually travel to the school. Most schools offer telephone or online registration.
All of our programs are self-paced and open enrollment, so you can start them when you want and finish them at your own pace. When you register, you’ll receive six (6) months to complete the program.
The time allotted to complete your program has been calculated based on the number of hours for each program, so don't worry too much about not completing in time. If, after a concerted effort, you are still unable to complete, your Student Advisor will help you work out a suitable completion date. Please note that a fee may be charged for an extension.
ed2go courses are non-credit courses, so they do not qualify for federal aid. In some states, vocational rehab or workforce development boards will pay for qualified students to take our courses. Additionally, some students may qualify for financial assistance when they enroll, if they meet certain requirements.
Upon successful completion of the program, you will be awarded a certificate of completion. You will also receive a certificate with the required 20 CPE hours.
ed2go programs will provide you with the skills you need to obtain an entry-level position in most cases. We don’t provide direct job placement services, but our facilitators and career counselors will help you build your resume and are available to give advice on finding your first job. Facilitators will also be available to use as a professional reference upon completion of the program. Potential students should always do research on the job market in their area before registering.
Each student is paired with a facilitator for one-on-one interaction. The facilitator will be available (via e-mail) to answer any questions you may have and to provide feedback on your performance. All of our facilitators are successful working professionals in the fields in which they teach.
In order to take our online programs, you must have access to a computer and the Internet. You can access the program contents from any Web-enabled computer. You don’t have to use the same computer to log-in to the program every time. We recommend that you have a word-processing program (Microsoft Word is the best) and the latest version of Internet Explorer.
If you have questions that are not answered on our website, please feel free to contact us via LIVE chat (click the button above). If you are visiting us during non-business hours, please feel free to send us a question using the “Contact Us” form to the right. You may also call us at 1-877-221-5151. We will answer your questions promptly.
Our programs are all open enrollment. You can register and start the program as soon as you are ready.
Please note: Once the program curriculum is accessed online or through submission of a material shipment confirmation, refunds cannot be issued.
Yes, upon completion of the program you will be prepared to sit for the Certified in Risk and Information Systems Control (CRISC) exam. The exam fee is not included with the program. Please click here for more information in exam and certification requirements.