Course Content

Module 1: Welcome and Intro

02:40
1.1 Welcome and Introduction
02:46
1.2 Who is ISACA?
04:49
1.3 Who Should Take the CRISC?
04:24
1.4 The Exam

Module 2: Preliminary

04:25
2.1 Introduction to Information Security Risks
07:25
2.2 Risk Governance vs. Risk Management
10:07
2.3 Risk Definitions
07:14
2.4 IT Risk Management
08:40
2.5 IT Security Basics
06:14
2.6 Risk Management for IT Projects
03:25
2.7 ISACA's Framework and Lifecycle
03:05
2.8 Review Questions

Module 3: Risk Identification

02:50
3.1 Risk Identification Intro
08:45
3.2 ISO 27005 Framework
09:29
3.3 NIST 800-39 Risk Framing
01:13
3.4 NIST 800-39 Risk Assessment
07:01
3.5 NIST 800-39 Risk Response
06:23
3.6 NIST 800-39 Risk Monitoring
04:01
3.7 NIST 800-30 Intro
05:51
3.8 NIST 800-30 Risk Assessment Methodology
08:14
3.9 NIST 800-37 Revision 1 and Revision 2
15:34
3.10 Alignment with the Business
09:40
3.11 Risk Culture
07:02
3.12 Roles and Responsibilities
09:49
3.13 The Risk Register
08:10
3.14 Risk Scenarios
06:58
3.15 Hardware and Software Risks
08:30
3.16 Network Risks
03:53
3.17 Emerging Risks
02:21
3.18 Third Party Risks

Module 4: Risk Assessment

02:34
4.1 Risk Assessment Intro
08:06
4.2 Tools and Techniques Part 1
06:44
4.3 Tools and Techniques Part 2
08:00
4.4 Business Impact Analysis
02:04
4.5 Controls Assessment
03:11
4.6 STRIDE Threat Modeling
06:43
4.7 Gap Analysis
14:14
4.8 Risk Analysis Methodologies
04:03
4.9 Risk Assessment Report

Module 5: Risk Mitigation

04:32
5.1 Risk Mitigation Reduction
05:20
5.2 Risk Mitigation Transference and Acceptance
05:45
5.3 Information Security Concepts
04:34
5.4 Security Program Requirements
02:16
5.5 Essential Elements of an Information Security Program
07:55
5.6 Introduction to Information Security Frameworks - ISO 27002
05:20
5.7 Information Security Frameworks
03:05
5.8 Information Security Architecture
07:31
5.9 Security Operations Event Monitoring
07:39
5.10 Secure Engineering and Threat Modeling
06:52
5.11 Protecting the Network - Segmentation
06:03
5.12 Protecting the Network - Wireless Security
06:05
5.13 Protecting the Network - Services
02:49
5.14 Protecting the Network Through Detection and Network Access Control
04:59
5.15 Data and Endpoint Security
06:49
5.16 Selecting a Mitigation Strategy
07:52
5.17 Types of Mitigating Controls
05:14
5.18 Identity and Access Management
07:17
5.19 Third Party Governance
05:06
5.20 Policies, Procedures, Standards, and Guidelines
08:51
5.21 Certification and Accreditation

Module 6: Risk Monitoring and Control

05:41
6.1 Risk, Control Monitoring, and Reporting
10:53
6.2 Key Risk Indicators (KRIs)
05:21
6.3 Tools for Risk Monitoring

Course Description

What is the CRISC certification by ISACA? Certified in Risk and Information Systems Control is for IT and business professionals who develop and maintain information system controls, and whose job revolves around security operations and compliance. The CRISC is quickly being implemented into operational and management level positions at organizations of almost any size. While similar to CISA or CISM, this course focuses on four main areas: Risk Identification, Assessment, Response and Mitigation, and Control Monitoring and Reporting. Our CRISC course will prepare you for identifying, evaluating and managing risk through construction, implementation and maintenance of IS controls.

About the Online CRISC Training Class

This free CRISC training course from Cybrary has a manageable scope of content, running at just over five hours. Although it is relatively short, it will raise your understanding of IT risk management to a confident level. Rolling out the CRISC training course throughout your organization will, without a doubt, improve the organization's collective risk management competence. Get started with this online CRISC training course below. The CRISC training course on Cybrary aims both to equip an individual with the skill sets to accomplish and enact the certification's main objectives as stated above and to prepare the student for the certification exam. In this class, the five primary domains of CRISC are covered. The CRISC certification domains include:

  1. Risk Identification Assessment and Evaluation (RI)
  2. Risk Response (RR)
  3. Risk Monitoring (RM)
  4. IS Control Design and Implementation (CD)
  5. IS Control Monitoring and Maintenance (MM)

About the Online CRISC Certification

Upon achieving CRISC, an individual has proven a strong level of understanding and capability to enact best-practice information systems controls. Employees and managers who possess this continually updated certification have studied and prepared for a rigorous exam around modern enterprise risk management. The CRISC, from the internationally recognized ISACA organization, is developed by a team of industry-leading risk management professionals. The certification is designed to ensure that those who achieve it are equipped to benefit their organizations in the following ways:

  • Firmly understand the impact of IT and enterprise risk and how risk affects their organization.
  • Can effectively prepare and enact strategic and focused plans to mitigate risk.
  • Make competent risk-based decisions.
  • Set a common language and perspective on risk that can become the baseline for risk management within their organizations.

This certification is ideal for anyone involved in risk management within their organization, including the following personnel: IT, Cyber Security, Business Analysts, Risk Professionals, PMs, Management / Executives. The CRISC certification is an ANSI-accredited certification, and is therefore an internationally recognized standard of performance.

CEU / CPE: 7

Total Clock Hours: 6 hours, 22 minutes