ISACA CRISC course and certification

ÖVERSIKT

On this Readynez course, you'll learn how to ensure that your IT systems meet the business's needs - through leadership, and organisational structures and processes. Learn about the roles, responsibilities and various focus areas of IT governance.

Get CRISC certified and improve your understanding of IT risk management, and its impact on your business. With the CRISC certification you'll be able to design, implement, monitor and maintain risk-based, efficient and effective information systems controls.

The Certified in Risk and Information Systems Control (CRISC) certification proves your knowledge of enterprise risk, and your ability to use information systems controls to mitigate this risk. Get your ISACA CRISC training in just 3 days and learn more than you could imagine.

You’ll use Readynez’s unique Lecture | Lab | Review technique, which will immerse you in topics like:

Risk identification, assessment and evaluation
Risk response
Risk monitoring
Information systems control design and implementation
Information systems control monitoring and maintenance

At Readynez, we know your time is valuable. That's why we give you the opportunity to gain your CRISC training in just 3 days. We provide the best conditions for you to learn.

With us by your side, encouraging and guiding you along the way, you can enjoy 3 intense, focused days of quality learning in a distraction free environment. Your expert instructor will be working with Readynez's unique accelerated learning methods, which include our exclusive lecture/lab/review methodology with real life cases putting you in the best possible position to learn and retain knowledge.

Sitting your ISACA CRISC course and certification with Readynez means:

You'll get more hours of training per day, allowing you to get trained faster and more cost-effectively than with any other training provider.
You will be trained by one of the most expert instructors in the world.
You can focus purely on learning in our distraction free environment.
Dedicated onsite support and access to your classroom at all hours.
The price you pay is all-inclusive and covers all course materials, transportation service, accommodation and meals.
The Certification Guarantee allows you to train again for free, if you do not pass first time. You only pay for any exams and labs, and accommodation.

SE HELA AGENDAN

Kursöversikt

Kurs

ISACA CRISC Certification (Certified in Risk and Information Systems Control)

Längd

3 dagar

Tillgängliga datum

17. dec – 19. dec, 2018 - Väntelista
24. apr – 26. apr, 2019 - Lediga platser

Certifiering

ISACA: Certified in Risk and Information Systems Control (CRISC)

Examen

Certified in Risk and Information Systems Control (CRISC)

Se priser

Ditt paketpris inkluderar:

Transportservice
Boende
All mat, dryck m.m.
33 timmars instruktörslett program
Kursmaterial

ISACA CRISC Certification (Certified in Risk and Information Systems Control) 

We have designed our course material in the way that best prepares you to learn and pass your exam.

On this three-day course, you'll learn the five domains of CRISC.

Domain 1— Risk Identification (27%)
Domain 2— Risk Assessment (28%)
Domain 3— Risk Response and Mitigation (23%)
Domain 4— Risk and Control Monitoring and Reporting (22%)

Domain 1—Risk Identification

Identify the universe of IT risk to contribute to the execution of the IT risk management strategy in support of business objectives and in alignment with the enterprise risk management (ERM) strategy.

1.1 Collect and review information, including existing documentation, regarding the organization’s internal and external business and IT environments to identify potential or realized impacts of IT risk to the organization’s business objectives and operations.
1.2 Identify potential threats and vulnerabilities to the organization’s people, processes and technology to enable IT risk analysis.
1.3 Develop a comprehensive set of IT risk scenarios based on available information to determine the potential impact to business objectives and operations.
1.4 Identify key stakeholders for IT risk scenarios to help establish accountability.
1.5 Establish an IT risk register to help ensure that identified IT risk scenarios are accounted for and incorporated into the enterprise-wide risk profile.
1.6 Identify risk appetite and tolerance defined by senior leadership and key stakeholders to ensure alignment with business objectives.
1.7 Collaborate in the development of a risk awareness program, and conduct training to ensure that stakeholders understand risk and to promote a risk-aware culture.

Domain 2—IT Risk Assessment

Analyze and evaluate IT risk to determine the likelihood and impact on business objectives to enable risk-based decision making.

2.1 Analyze risk scenarios based on organizational criteria (e.g., organizational structure, policies, standards, technology, architecture, controls) to determine the likelihood and impact of an identified risk.
2.2 Identify the current state of existing controls and evaluate their effectiveness for IT risk mitigation.
2.3 Review the results of risk and control analysis to assess any gaps between current and desired states of the IT risk environment.
2.4 Ensure that risk ownership is assigned at the appropriate level to establish clear lines of accountability.
2.5 Communicate the results of risk assessments to senior management and appropriate stakeholders to enable risk-based decision making.
2.6 Update the risk register with the results of the risk assessment.

Domain 3—Risk Response and Mitigation

Determine risk response options and evaluate their efficiency and effectiveness to manage risk in alignment with business objectives.

3.1 Consult with risk owners to select and align recommended risk responses with business objectives and enable informed risk decisions.
3.2 Consult with, or assist, risk owners on the development of risk action plans to ensure that plans include key elements (e.g., response, cost, target date).
3.3 Consult on the design and implementation or adjustment of mitigating controls to ensure that the risk is managed to an acceptable level.
3.4 Ensure that control ownership is assigned to establish clear lines of accountability.
3.5 Assist control owners in developing control procedures and documentation to enable efficient and effective control execution.
3.6 Update the risk register to reflect changes in risk and management’s risk response.
3.7 Validate that risk responses have been executed according to the risk action plans.

Domain 4—Risk and Control Monitoring and Reporting

Continuously monitor and report on IT risk and controls to relevant stakeholders to ensure the continued efficiency and effectiveness of the IT risk management strategy and its alignment to business objectives.

4.1 Define and establish key risk indicators (KRIs) and thresholds based on available data, to enable monitoring of changes in risk.
4.2 Monitor and analyze key risk indicators (KRIs) to identify changes or trends in the IT risk profile.
4.3 Report on changes or trends related to the IT risk profile to assist management and relevant stakeholders in decision making.
4.4 Facilitate the identification of metrics and key performance indicators (KPIs) to enable the measurement of control performance.
4.5 Monitor and analyze key performance indicators (KPIs) to identify changes or trends related to the control environment and determine the efficiency and effectiveness of controls.
4.6 Review the results of control assessments to determine the effectiveness of the control environment.
4.7 Report on the performance of, changes to, or trends in the overall risk profile and control environment to relevant stakeholders to enable decision making.

CRISC Knowledge Statements

Knowledge of:

1. Laws, regulations, standards and compliance requirements
2. Industry trends and emerging technologies
3. Enterprise systems architecture (e.g., platforms, networks, applications, databases and operating systems)
4. Business goals and objectives
5. Contractual requirements with customers and third-party service providers
6. Threats and vulnerabilities related to:

6.1. Business processes and initiatives
6.2. Third-party management
6.3. Data management
6.4. Hardware, software and appliances
6.5. The system development life cycle (SDLC)
6.6. Project and program management
6.7. Business continuity and disaster recovery management (DRM)
6.8. Management of IT operations
6.9. Emerging technologies

7. Methods to identify risk
8. Risk scenario development tools and techniques
9. Risk identification and classification standards, and frameworks
10. Risk events/incident concepts (e.g., contributing conditions, lessons learned, loss result)
11. Elements of a risk register
12. Risk appetite and tolerance
13. Risk analysis methodologies (quantitative and qualitative)
14. Organisational structures
15. Organisational culture, ethics and behavior
16. Organisational assets (e.g., people, technology, data, trademarks, intellectual property) and business processes, including enterprise risk management (ERM)
17. Organisational policies and standards
18. Business process review tools and techniques
19. Analysis techniques (e.g., root cause, gap, cost-benefit, return on investment [ROI])
20. Capability assessment models and improvement techniques and strategies
21. Data analysis, validation and aggregation techniques (e.g., trend analysis, modeling)
22. Data collection and extraction tools and techniques
23. Principles of risk and control ownership
24. Characteristics of inherent and residual risk
25. Exception management practices
26. Risk assessment standards, frameworks and techniques
27. Risk response options (i.e., accept, mitigate, avoid, transfer) and criteria for selection
28. Information security concepts and principles, including confidentiality, integrity and availability of information
29. Systems control design and implementation, including testing methodologies and practices
30. The impact of emerging technologies on design and implementation of controls
31. Requirements, principles, and practices for educating and training on risk and control activities
32. key risk indicators (KRIs)
33. Risk monitoring standards and frameworks
34. Risk monitoring tools and techniques
35. Risk reporting tools and techniques
36. IT risk management best practices
37. Key performance indicator (KPIs)
38. Control types, standards, and frameworks
39. Control monitoring and reporting tools and techniques
40. Control assessment types (e.g., self-assessments, audits, vulnerability assessments, penetration tests, third-party assurance)
41. Control activities, objectives, practices and metrics related to:

41.1. Business processes
- 41.2. Information security, including technology certification and accreditation practices
- 41.3. Third-party management, including service delivery
- 41.4. Data management
- 41.5. The system development life cycle (SDLC)
- 41.6. Project and program management
- 41.7. Business continuity and disaster recovery management (DRM)
- 41.8. IT operations management
- 41.9. The information systems architecture (e.g., platforms, networks, applications, databases and operating systems)

YOUR BENEFITS!

Effective instruction must be highly varied and interactive to keep attention levels high, promote learning and teamwork between the students and instructor, and solidify knowledge through hands-on learning.
That's the Readynez way.

Your personal benefits

1

Your ISACA CRISC Training programme will get you trained in fewer days with more training hours per day than any other provider

2

Maximum learning in a distraction free environment

3

Dedicated, onsite support at all hours

4

Advanced career opportunities with official certification

5

Improved knowledge and confidence

6

Instructors with real-world experience – you will learn about real-world problems and solutions to strengthen your understanding and skill level

7

We help you study - our focus is on real learning, not just the course or the exam, so we support you to make the most of the course and to improve your exam technique

8

Improved network of likeminded people

Se priser

Your organization's benefits

1

All-inclusive course package with no hidden costs

2

Minimum time spent out of the office

3

You'll gain a certified specialist with highly developed skills

4

We supplement the full official courseware with our expert guidance and relevant, real-world situational reviews empowering your business to get real business value from this course

Se priser

“Readynez is very intensive and quite practical on delivery with clear understanding for a real world situation. It is a training institution any serious minded IT professional CAN'T afford to ignore. Thank you Readynez. I will surely come back again and again.”

Olanipekun Castano

National Insurance Commission

“It´s an amazing way of learning, fast and fun! We had the amazing instructor techniques which was a fantastic and unforgettable experience!.”

Kat Grimshaw

Sentinel Housing Association

ISACA

With us you’ll get the full range of accelerated ISACA certification courses, designed to provide you with the skills and knowledge you need to secure your business assets from cyber-attacks.
When you´ve achieved a globally recognised ISACA certification you can prove that you possess the experience and knowledge to meet the challenges of modern enterprise.

WHAT'S INCLUDED

Everything! In addition to your all-inclusive course package specifically designed to your
requirements, we go the extra mile to make sure you have everything you need and will
attend to every detail, so you can focus solely on your studies and certification goals.

Transportation to/from designated pick up points

Accommodation

Hands-on training with lecture/lab/review method

All course materials

Fully instructor-led program

24 hour classroom access

All meals, snacks and unlimited beverages

Onsite testing as part of your course

Certification guarantee

Transportation

We will take care of the practicalities and pick you up.

Wherever you are in the world, you can experience a distraction-free environment by staying in one of our purpose-built training centres. To make it easy for you to train with us, we offer your a transporation service. We´ll pick you up and drop you off after your course, from/to designated pick-up points - so you won´t have to think about how to reach us or get back home.

Certifiering

What do you get?

We´ll prepare you for the following exam:

CRISC Exam

The CRISC exam tests knowledge in the following CRISC domains:

Domain 1— Risk Identification (27%) 
Domain 2— Risk Assessment (28%) 
Domain 3— Risk Response and Mitigation (23%) 
Domain 4— Risk and Control Monitoring and Reporting (22%

Readynez is an official delivery partner for ISACA exams. This means you'll study for and sit your CRISC exam on site with Readynez during the accelerated course. Plus, if you don’t pass first time, you'll be covered by your Certification Guarantee

Please note: The course price does not include external exam fees. You will book and pay for your exam directly with ISACA and take it during your course. Readynez can support you through this process.

Why learn with Readynez?

At Readynez, we share you ambition and we know you have what it takes to achieve it. That’s why we dedicate ourselves to your training, guiding you on the right path and encouraging you for every step you take.

Committed onsite support, access to your classroom at all hours, and inspiration from a network of likeminded people are just a few of the things we provide, as we do everything we can to create the perfect conditions for you to learn.

With us by your side, you will be stronger, wiser and prepared for your future in no time.

FÖRKUNSKAPER

This CRISC training course is designed for IT and business professionals who are engaged at an operational or management level to mitigate risk. It is therefore an advantage to have knowledge of business and technology risk management, and the implementation of information systems controls. You should also be familiar with general IT and business terminology.

In order to get your CRISC certification, you must pass the CRISC exam and have at least three years of cumulative work experience carrying out the tasks of a CRISC professional across at least three of the ISACA CRISC domains. There are no experience waivers or substitutions allowed.

You may take the exam prior to meeting the requirements, but your CRISC designation is only awarded when all requirements are met.

Do you have what it takes?
We´ll help you decide – Call us to discuss your technical background, experience and qualifications to determine how we can help you succeed in this Readynez course.

Just call us and speak to one of our enrolment consultants.

Get in touch with us

Just fill in this simple form and we'll get in touch with you to discuss, how you can succeed in this course.

Se priser

DATES

This course is available on request.
Get in touch with us and get ready for your future.

ISACA CRISC Certification (Certified in Risk and Information Systems Control)

17. dec – 19. dec,
2018

3 dagar

Se priser

ISACA CRISC Certification (Certified in Risk and Information Systems Control)

24. apr – 26. apr,
2019

3 dagar

Se priser

WE ALSO RECOMMEND

Security

ISACA CISA certification

The goal of our 4 day accelerated Program for CISA Certification is to equip information professionals with the knowledge and technical skills for proficiency in IS audit, control and security skills.

Se kurs

4 dagar

Security

ISACA CISM-certifiering

CISM-certifieringen vänder sig till personer som hanterar, designar, överser och/eller utvärderar företags informationssäkerhet (IS).

Se kurs

4 dagar

Still looking?

Find your course

Håll dig uppdaterad med vårt nyhetsbrev

Förnamn

Fel

Efternamn

Fel

Epost

Fel

Readynez

Vi dedikerar vårt arbete till att utveckla de skarpaste individerna för att skapa bättre lösningar för framgångsrika verksamheter. Vi har gjort så sedan 2001 och har utbildat, certifierat och förberett tusentals individer för framtiden.

Läs mer

Kontakta oss

Readynez A/S
Årstaängsvägen 21 B
117 43 Stockholm
Sverige

+46 770 17 10 00
info@Readynez.se

Organisationsnummer: 502066-7050

Snabblänkar