CRISC

ISACA’s Certified in Risk and Information Systems Control™ (CRISC) certification is an enterprise risk management qualification, favoured by professionals looking to build upon their existing knowledge and experience of IT/business risk and of the identification and implementation of information system controls. Aimed at IT professionals, it demonstrates that you have what it takes to manage the ongoing challenges of enterprise risk and design risk-based IS controls, delivering significant value for your organisation.

The certification requires prerequisite skills such as the ability to manage the ongoing challenges of enterprise risk and to design risk-based information system controls. CRISC is one of the foremost certifications that help IT professionals in particular prepare for real-world threats, with appropriate tools to both evaluate and manage risk. The CRISC certification is widely seen as the go-to accreditation for experts in the field of risk and information systems controls or those looking to progress their careers in this area.

This certification is aimed at professionals whose job or associated responsibilities involve managing company risks and controls. This includes the following roles:

  • IT professionals
  • Risk professionals
  • Control professionals
  • Business analysts
  • Project managers
  • Compliance professionals

CISSP certification is not only an objective measure of excellence, but also a globally recognized standard of achievement for security training. Makintouch provides comprehensive CISSP training for participants who wish to gain expertise in defining the design, architecture, management and controls leading to a secure business environment. Individuals possessing this vendor-neutral credential are in high demand by corporations all over the world that want to protect their organizations from a growing number of sophisticated cyber attacks.

Course Objectives

  • Understand the basics of telecommunication and network security concepts, required components for minimizing security risks, securing channels of communication, and techniques for preventing and detecting network-based attacks.
  • Identify the key terms and processes of security operations and how to protect and control information processing assets in a centralized or distributed environment in this CISSP training.
  • Define and apply information security governance and the Risk Management Framework, including the policies, concepts, principles, structures and standards that are established for the protection of information assets, and how to assess the effectiveness of that protection.
  • Gain the required skills to design the architecture and manage IT security in an enterprise environment through this authorized CISSP course.

Course Outline

Module 1
    – Risk Capacity, Risk Appetite and Risk Tolerance
    – Risk Culture and Communication
    – Elements of Risk
    – Information Security Risk Concepts and Principles
    – The IT Risk Strategy of the Business
    – IT Concepts and Areas of Concern for the Risk Practitioner
    – Methods of Risk Identification
    – IT Risk Scenarios
    – Ownership and Accountability
    – The IT Risk Register
    – Risk Awareness

Module 2
    – Risk Assessment Techniques
    – Analyzing Risk Scenarios
    – Current State of Controls
    – Changes in the Risk Environment
    – Project and Program Management
    – Risk and Control Analysis
    – Risk Analysis Methodologies
    – Risk Ranking
    – Documenting Risk Assessments

Module 3
    – Aligning Risk Response With Business Objectives
    – Risk Response Options
    – Analysis Techniques
    – Vulnerabilities Associated With New Controls
    – Developing a Risk Action Plan
    – Business Process Review Tools and Techniques
    – Control Design and Implementation
    – Control Monitoring and Effectiveness
    – Types of Risk
    – Control Activities, Objectives, Practices and Metrics
    – Systems Control Design and Implementation
    – Impact of Emerging Technologies on Design and Implementation of Controls
    – Control Ownership
    – Risk Management Procedures and Documentation
    – Key Risk Indicators
    – Key Performance Indicators
    – Data Collection and Extraction Tools and Techniques
    – Monitoring Controls
    – Control Assessment Types
    – Results of Control Assessments
    – Changes to the IT Risk Profile
