Managing IT risk is no longer a purely technical task; it is a business-critical discipline. This course equips participants to identify, assess, and manage enterprise risk while implementing effective information systems controls. It develops cross-functional insight into how governance, risk, and control mechanisms support decision-making and resilience.
Learning Outcomes:
Identify and assess IT and enterprise risk
Evaluate risk management strategies and controls
Implement and monitor risk responses
Align information systems controls with business objectives
Key Topics:
Risk identification and evaluation techniques
Control design and implementation
Governance and compliance frameworks
Information systems audit and assurance
Preparation for the ISACA® Certified in Risk and Information Systems Control (CRISC) certification exam
Exam Details
This course is designed to build participants’ understanding of key concepts and domains covered in the ISACA® Certified in Risk and Information Systems Control™ (CRISC™) certification.
The CRISC exam validates the ability to identify, assess, and manage IT and enterprise risks. It is intended for IT and business professionals responsible for implementing information system controls and managing risk.
The course includes official ISACA courseware.
The CRISC exam covers the following four domains:
| Domain | Exam Weight |
|---|---|
| Governance | 26% |
| IT Risk Assessment | 20% |
| Risk Response and Reporting | 32% |
| Information Technology and Security | 22% |
To maximise success, participants are strongly encouraged to complement the course with additional self-study, revision of course materials, and dedicated practice before attempting the exam.
Introduction to Certified in Risk and Information Systems Control (CRISC)
- Examination Information and Preparation Techniques
- How Exam Questions Are Structured
- Preparing for the CRISC Examination
- Certification Prerequisites, Application, Maintenance, and Renewal
Domain 1 Governance
- Organizational Governance
  - Organizational Strategy, Goals, and Objectives
  - Organizational Structure, Roles, and Responsibilities
  - Organizational Culture
  - Policies and Standards
  - Business Processes
  - Organizational Assets
- Risk Governance
  - Enterprise Risk Management and Risk Management Framework
  - Three Lines of Defense
  - Risk Profile
  - Risk Appetite and Risk Tolerance
  - Legal, Regulatory, and Contractual Requirements
  - Professional Ethics of Risk Management
Domain 2 IT Risk Assessment
- IT Risk Identification
  - Risk Events
  - Threat Modelling and Threat Landscape
  - Vulnerability and Control Deficiency Analysis
  - Risk Scenario Development
- IT Risk Analysis, Evaluation, and Assessment
  - Risk Assessment Concepts, Standards, and Frameworks
  - Risk Register
  - Risk Analysis Methodologies
  - Business Impact Analysis
  - Inherent, Current, and Residual Risk
Domain 3 Risk Response and Reporting
- Risk Response
  - Risk and Control Ownership
  - Risk Treatment / Risk Response Options
  - Third-Party Risk Management
  - Issue, Finding, and Exception Management
  - Management of Emerging Risk
- Control Design and Implementation
  - Control Types, Standards, and Frameworks
  - Control Design, Selection, and Analysis
  - Control Implementation
  - Control Testing and Effectiveness Evaluation
- Risk Monitoring and Reporting
  - Risk Treatment Plans
  - Data Collection, Aggregation, Analysis, and Validation
  - Risk and Control Monitoring Techniques
  - Risk and Control Reporting Techniques
  - Key Performance Indicators
  - Key Risk Indicators
  - Key Control Indicators
Domain 4 Information Technology and Security
- Information Technology Principles
  - IT Operations Management
  - Enterprise Resiliency
  - Project Management
  - Data Lifecycle Management
  - System Development Life Cycle
  - Emerging Trends in Technology
- Information Security Principles
  - Information Security Concepts, Frameworks, and Standards
  - Information Security Awareness Training
  - Data Privacy and Principles of Data Protection