Certified in Risk and Information Systems Control (CRISC®) Online Review Course - Self-paced

Length 365 days access
Price $2269 inc GST

Course overview

Book now

Why study this course

Modern businesses face a diverse collection of obstacles, potential dangers and risk exposure. ISACA’s Certified in Risk and Information Systems Control (CRISC®) certification indicates expertise in identifying and managing enterprise IT risk, and implementing and maintaining information systems controls. This course and certification is designed for mid-career IT and business professionals who identify and manage risk through the development, implementation and maintenance of appropriate information systems (IS) controls. CRISC certification confirms an individual’s skills and knowledge to secure the modern enterprise against escalating threats.

The CRISC Online Review Course is an online preparation course that prepares learners to pass the CRISC certification exam using proven instructional design techniques and interactive activities. The course covers all four of the CRISC domains, and each section corresponds directly to the CRISC job practice.

The course incorporates video, interactive eLearning modules, downloadable, interactive workbooks, downloadable job aids, case study activities, and practice exam. Learners will be able to navigate the course at their own pace, following a recommended structure, or target preferred job practice areas. Learners may also start and stop the course based on their study schedule, picking up exactly where they left off the next time, they access the course.

This course has a seat time of approximately 16 hours and is accessed via the Learning Access tab of your MyISACA dashboard.

Please note: The exam is not included in the course fee but can be purchased separately. Please contact us for a quote.

Request Course Information

What you’ll learn

CRISC validates your experience in building a well-defined, agile risk-management program, based on best practices to identify, analyse, evaluate, assess, prioritise and respond to risks. This enhances benefits realisation and delivers optimal value to stakeholders.

ISACA at Lumify Work

ISACA provides practical guidance, benchmarks and other effective tools for all enterprises that use information systems. Through its comprehensive guidance and services, ISACA defines the roles of information systems governance, security, audit and assurance professionals worldwide.

Lumify Work is an Accredited Elite Partner of ISACA.

View all ISACA at Lumify Work courses

Who is the course for?

This course is designed for mid-career IT and business professionals, including:

Security Directors, Managers, and Consultants
Compliance/Risk/Privacy Directors and Managers
IT Audit Directors, Managers, and Consultants
Compliance/Risk/Control Staff

Course subjects

Domain 1: Risk Governance

A. Organisational Governance

Organisational Strategy, Goals, and Objectives
Organisational Structure, Roles, and Responsibilities
Organisational Culture
Policies and Standards
Business Processes
Organisational Assets

B. Risk Governance

Enterprise Risk Management and Risk Management Framework
Three Lines of Defence
Risk Profile
Risk Appetite and Risk Tolerance
Legal, Regulatory, and Contractual Requirements
Professional Ethics of Risk Management

Domain 2: IT Risk Assessment

A. IT Risk Identification

Risk Events (e.g., contributing conditions, loss result)
Threat Modelling and Threat Landscape
Vulnerability and Control Deficiency Analysis (e.g., root cause analysis)
Risk Scenario Development

B. IT Risk Analysis and Evaluation

Risk Assessment Concepts, Standards, and Frameworks
Risk Register
Risk Analysis Methodologies
Business Impact Analysis
Inherent and Residual Risk

Domain 3: Risk Response and Reporting

A. Risk Response

Risk Treatment / Risk Response Options
Risk and Control Ownership
Third-Party Risk Management
Issue, Finding, and Exception Management
Management of Emerging Risk

B. Control Design and Implementation

Control Types, Standards, and Frameworks
Control Design, Selection, and Analysis
Control Implementation
Control Testing and Effectiveness Evaluation

C. Risk Monitoring and Reporting

Risk Treatment Plans
Data Collection, Aggregation, Analysis, and Validation
Risk and Control Monitoring Techniques
Risk and Control Reporting Techniques (heatmap, scorecards, dashboards)
Key Performance Indicators
Key Risk Indicators (KRIs)
Key Control Indicators (KCIs)

Domain 4: Information Technology and Security

A. Information Technology Principles

Enterprise Architecture
IT Operations Management (e.g., change management, IT assets, problems, incidents)
Project Management
Disaster Recovery Management (DRM)
Data Lifecycle Management
System Development Life Cycle (SDLC)
Emerging Technologies

B. Information Security Principles

Information Security Concepts, Frameworks, and Standards
Information Security Awareness Training
Business Continuity Management
Data Privacy and Data Protection Principles
Secondary Classifications

Supporting Tasks

Prerequisites

There are no prerequisites for taking this course or the CRISC Exam. However, in order to apply for CRISC certification, the candidate must meet the necessary experience requirements as determined by ISACA.

To obtain the CRISC Certification, a candidate must pass the CRISC Exam and have the relevant full-time work experience in the CRISC exam content outline: three or more years of experience in IT risk management and IS control.

Terms & Conditions

The supply of this course by Lumify Work is governed by the booking terms and conditions. Please read the terms and conditions carefully before enrolling in this course, as enrolment in the course is conditional on acceptance of these terms and conditions.