Course description

  • What’s the focus of this course?

    CRISC training from Simplilearn, aligned to ISACA 2015, ensures you ace the exam in the first attempt. The training is designed to excel you in tasks such as managing the IT risks, design, implementation, monitoring and maintenance of IS controls.

  • What are the course objectives?

    By the end of this training you will:
    • Demonstrate efficiency in designing, implementing, monitoring and maintaining the IS controls of the enterprise
    • Acquire the relevant knowledge and skills required to clear the CRISC certification exam
    • Earn the requisite 20 CPEs required to take up the CRISC certification exam
    • Develop a working knowledge of the 4 domains areas as prescribed by ISACA –Exam Candidate Information Guide 2015.

  • Who should take this course?

    CRISC certification is a globally recognized professional requirement in the IT Security domain. This certification is most suited for:
    • CEOs/CFOs
    • Chief Audit Executives
    • Audit Partners/Heads
    • CIOs/CISOs
    • Chief Compliance/Privacy/Risk Officers
    • Security Managers/Directors/Consultants
    • IT Directors/Managers/Consultants
    • Audit Directors/Managers/Consultant

Course preview

    • Domain 00 - Introduction to CRISC®

      05:44
      • 0.1 Introduction to CRISC®
        00:14
      • 0.2 Objectives
        00:26
      • 0.3 CRISC®
        00:35
      • 0.4 About ISACA
        01:20
      • 0.5 About ISACA® (contd.)
        00:42
      • 0.6 CRISC® Domains
      • 0.7 Value of CRISC®
      • 0.8 Requirements for CRISC® certification
        00:49
      • 0.9 CRISC® Exam
        00:50
      • 0.10 Quiz
      • 0.11 Summary
        00:40
      • 0.12 conclusion
        00:08
    • Domain 01 - Risk Indentification

      27:11
      • 1.1 Risk Indentification
        00:14
      • 1.2 Objectives
        01:03
      • 1.3 Task Statements
      • 1.4 Knowledge Check
      • 1.5 Knowledge Statements
      • 1.6 IT Risk Concepts
      • 1.7 Information Security Risk Concepts
        01:01
      • 1.8 Information Security Risk Concepts (contd)
        00:20
      • 1.9 Information Security Risk Concepts: Confidentiality
      • 1.10 Information Security Risk Concepts: Integrity
      • 1.11 Information Security Risk Concepts: Availability
      • 1.12 Information Security Risk Concepts: Segregation of Duties
      • 1.13 Information Security Risk Concepts: Authentication
        01:02
      • 1.14 Information Security Risk Concepts: IAAA
      • 1.15 Knowledge Check
      • 1.16 Information Security Risk Concepts: Identity Management
        01:06
      • 1.17 Information Security Risk Concepts: Identity Management
      • 1.18 Knowledge Check
      • 1.19 Risk Management Standards and Frameworks
        01:03
      • 1.20 COBIT 5 for Risk
        00:52
      • 1.21 ISO/IEC 27001 Series
        00:58
      • 1.22 ISO/IEC: 27005
      • 1.23 Risk Identification Frameworks
        00:48
      • 1.24 Threats and Vulnerabilities Related to Assets
      • 1.25 Risk Factors
        00:50
      • 1.26 Risk Factors (contd.)
        00:42
      • 1.27 Elements of Risk
        00:48
      • 1.28 Assets
        00:40
      • 1.29 Assets (contd.)
        00:47
      • 1.30 Threats
        00:35
      • 1.31 Threats (contd.)
        00:31
      • 1.32 Vulnerabilities
      • 1.33 Vulnerabilities (contd.)
      • 1.34 Vulnerabilities Assessment
        00:57
      • 1.35 Penetration Testing
        00:31
      • 1.36 Penetration Testing (contd.)
      • 1.37 Knowledge Check
      • 1.38 Developing Risk Scenarios
      • 1.39 Benefits of Using Risk Scenarios
        00:51
      • 1.40 Risk Scenario Development Tools and Techniques
        01:05
      • 1.41 Risk Scenario Development Tools and Techniques (contd.)
        00:44
      • 1.42 Risk Scenario Development Tools and Techniques (contd.)
      • 1.43 Knowledge Check
      • 1.44 Risk Communication, Awareness, and Culture
        00:34
      • 1.45 The Risk Awareness Program
        01:01
      • 1.46 The Risk Awareness Program (contd.)
      • 1.47 Risk Management Strategy
        01:02
      • 1.48 Organizational Structures and Impact on Risk
        01:09
      • 1.49 Organization Structures and Impact on Risk: RACI Model
      • 1.50 Organizational Culture, Ethics and Behavior, and the Impact on Risk
        00:39
      • 1.51 Organizational Culture, Ethics and Behavior, and the Impact on Risk (contd.)
        00:31
      • 1.52 Knowledge Check
      • 1.53 Compliance With Laws, Regulations, Standards, and Compliance Requirements
      • 1.54 Establishing an Enterprise Risk Management Approach
        00:50
      • 1.55 Risk Register
        00:26
      • 1.56 Risk Register (contd.)
      • 1.57 Knowledge Check
      • 1.58 Principles of Risk and Control Ownership
      • 1.59 Principles of Risk and Control Ownership (contd.)
      • 1.60 Risk Appetite and Tolerance
        00:49
      • 1.61 Risk Acceptance
        00:33
      • 1.62 Risk Acceptance (contd.)
        00:32
      • 1.63 Quiz
      • 1.64 Summary
        00:53
      • 1.65 Summary (contd.)
        00:39
      • 1.66 Conclusion
        00:05
    • Domain 02 - Risk Assessment

      42:11
      • 2.1 Risk Assessment
        00:24
      • 2.2 Objectives
        00:28
      • 2.3 Task Statements
        00:51
      • 2.4 Knowledge Statements
      • 2.5 Knowledge check
      • 2.6 Risk Assessment Techniques
      • 2.7 Risk Assessment Techniques (contd.)
      • 2.8 Risk Assessment Techniques (contd.)
      • 2.9 Risk Scenarios Analysis
      • 2.10 Risk Scenarios Analysis: Organizational Structure and Culture
        00:49
      • 2.11 Risk Scenarios Analysis: Policies
        00:33
      • 2.12 Risk Scenarios Analysis: Policies (contd.)
      • 2.13 Risk Scenarios Analysis: Standards and Procedures
        01:03
      • 2.14 Knowledge check
      • 2.15 Risk Scenarios Analysis: Technology
        00:41
      • 2.16 Risk Scenarios Analysis: Architecture
        00:46
      • 2.17 Risk Scenarios Analysis Controls
      • 2.18 Risk Scenarios Analysis Controls (contd.)
      • 2.19 Risk Analysis Methodologies
        00:17
      • 2.20 Risk Analysis Methodologies: Quantitative Risk Assessment
      • 2.21 Risk Analysis Methodologies: Qualitative Risk Assessment
      • 2.22 Knowledge check
      • 2.23 Risk Analysis Methodologies: Semi-quantitative Risk Assessment
        00:43
      • 2.24 Risk Analysis Methodologies: Semi-quantitative Risk Assessment(contd)
        00:34
      • 2.25 Risk Ranking
        00:41
      • 2.26 OCTAVE®
        00:45
      • 2.27 Knowledge Check
      • 2.28 Control Assessment: Current State of Controls
        00:34
      • 2.29 Control Assessment: Current State of Controls (contd.)
      • 2.30 Control Assessment: Current State of Controls (contd.)
        00:40
      • 2.31 Control Assessment: Logs
        00:27
      • 2.32 Control Assessment: Logs (contd.)
        00:39
      • 2.33 Current State of Controls: Vulnerability Assessments and Penetration Testing
        00:52
      • 2.34 Control Assessment: Vulnerability Assessments and Penetration Testing
        01:02
      • 2.35 Knowledge Check
      • 2.36 Risk Evaluation and Impact Assessment: Risk and Control Analysis
      • 2.37 Risk and Control Analysis: Data Analysis
        00:37
      • 2.38 Risk and Control Analysis: Data Analysis
      • 2.39 Risk and Control Analysis: Threat and Misuse Case Modelling
        01:22
      • 2.40 Risk and Control Analysis: Root Cause Analysis
        00:52
      • 2.41 Risk and Control Analysis: Gap Analysis
        00:41
      • 2.42 Risk and Control Analysis: Gap Analysis (contd.)
        00:36
      • 2.43 Third-Party Management
        00:48
      • 2.44 Third-Party Management: Outsourcing
        01:00
      • 2.45 Cloud
        00:41
      • 2.46 Knowledge check
      • 2.47 Third-Party Management: Contractual Requirements
        01:08
      • 2.48 IT Operations Management
        00:22
      • 2.49 IT Operations Management (contd)
        00:33
      • 2.50 System Development Lifecycle
      • 2.51 System Development Lifecycle (contd.)
        00:50
      • 2.52 System Development Lifecycle (contd.)
        00:46
      • 2.53 Emerging Technologies
      • 2.54 Emerging Technologies (contd.)
      • 2.55 Knowledge Check
      • 2.56 Enterprise Architecture
        00:46
      • 2.57 Enterprise Architecture: Hardware
        00:26
      • 2.58 Enterprise Architecture: Hardware (contd.)
        00:41
      • 2.59 Enterprise Architecture: Hardware (contd.)
        00:45
      • 2.60 Enterprise Architecture: Software
        00:44
      • 2.61 Enterprise Architecture: Software (contd)
        00:27
      • 2.62 Knowledge Check
      • 2.63 Enterprise Architecture: Applications
        00:48
      • 2.64 Enterprise Architecture: Applications (contd.)
        00:39
      • 2.65 Enterprise Architecture: Utilities
      • 2.66 Enterprise Architecture: Software Utilities
        00:49
      • 2.67 Knowledge Check
      • 2.68 Enterprise Architecture: Platforms
      • 2.69 Enterprise Architecture: Network Components
        00:38
      • 2.70 Enterprise Architecture: Network Components (contd.)
        00:27
      • 2.71 Enterprise Architecture: Network Components
        00:36
      • 2.72 Enterprise Architecture: Network Components (contd.)
        00:33
      • 2.73 Enterprise Architecture: Network Components - Cabling
      • 2.74 Enterprise Architecture: Network Components - Cabling
        00:48
      • 2.75 Knowledge Check
      • 2.76 Enterprise Architecture: Network Components-Repeaters
      • 2.77 Enterprise Architecture: Network Components - Switches
        01:01
      • 2.78 Enterprise Architecture Network: Components - Switches (contd.)
        00:25
      • 2.79 Enterprise Architecture: Network Components - Routers
        00:25
      • 2.80 Enterprise Architecture: Network Components - Routers (contd.)
        00:48
      • 2.81 Enterprise Architecture: Network Components - Routers (contd.)
        00:49
      • 2.82 Enterprise Architecture: Network Components-Firewalls
        00:50
      • 2.83 Knowledge Check
      • 2.84 Enterprise Architecture: Network Components-Firewalls
      • 2.85 Enterprise Architecture: Network Components-Proxy
        00:31
      • 2.86 Enterprise Architecture: Network Components-Domain Name System
        00:56
      • 2.87 Enterprise Architecture: Network Components-Wireless Access Points
      • 2.88 Enterprise Architecture: Network Components-Other Network Devices
        00:40
      • 2.89 Enterprise Architecture: Network Architecture
        00:41
      • 2.90 Enterprise Architecture: Network Architecture
      • 2.91 Enterprise Architecture: Network Architecture (contd.)
        01:43
      • 2.92 Knowledge Check
      • 2.93 Quiz
      • 2.94 Summary
        00:33
      • 2.95 Summary (contd.)
        00:31
      • 2.96 Conclusion
        00:06
    • Domain 03 - Risk Response

      47:52
      • 3.1 Risk Response
        00:28
      • 3.2 Objectives
        00:50
      • 3.3 Task Statements
        01:31
      • 3.4 Knowledge Statements
        00:50
      • 3.5 Knowledge Check
      • 3.6 Overview
      • 3.7 Risk Response Options
        00:32
      • 3.8 Response Risk Options: Risk Acceptance
      • 3.9 Risk Response Options: Risk Acceptance (contd.)
        00:38
      • 3.10 Risk Response Options: Risk Mitigation
        00:52
      • 3.11 Risk Response Options: Risk Avoidance
        00:37
      • 3.12 Risk Response Options: Risk Avoidance (contd.)
        00:39
      • 3.13 Risk Response Options: Risk Sharing
        00:42
      • 3.14 Knowledge Check
      • 3.15 Response Analysis
        00:48
      • 3.16 Response Analysis (contd.)
        00:33
      • 3.17 Response Response Options: Risk Acceptance
      • 3.18 Response Analysis: Return on Investment
        00:50
      • 3.19 Response Analysis: Return on Investment (contd.)
        00:42
      • 3.20 Risk Response: Plans Developing a Risk Response Plan
        00:47
      • 3.21 Risk Response: Plans Developing a Risk Response Plan (contd.)
        00:31
      • 3.22 Risk Response: Plans Developing a Risk Response Plan (contd.)
      • 3.23 Knowledge Check
      • 3.24 Risk Response: Plans Developing a Risk Response Plan (contd.)
        00:50
      • 3.25 Risk Response: Plans Developing a Risk Response Plan (contd.)
      • 3.26 Control Objectives and Practices
        00:48
      • 3.27 Control Objectives and Practices: Business Processes
        01:07
      • 3.28 Control Objectives and Practices: Information Security
        01:02
      • 3.29 Control Objectives and Practices:Information Security (contd.)
      • 3.30 Knowledge Check
      • 3.31 Control Objectives and Practices: Third-party Management
        01:03
      • 3.32 Control Objectives and Practices: Third-party Management (contd.)
        00:44
      • 3.33 Control Objectives and Practices: Data Management
        01:00
      • 3.34 Control Objectives and Practices: Data Management (contd.)
        00:42
      • 3.35 Control Objectives and Practices: Data Management-Cryptography
        00:33
      • 3.36 Knowledge Check
      • 3.37 Control Objectives and Practices: Information Systems Architecture
        00:34
      • 3.38 Control Objectives and Practices: Information Systems Architecture (contd.)
        01:19
      • 3.39 Knowledge Check
      • 3.40 Control Objectives and Practices: Information Systems Architecture (contd.)
        00:44
      • 3.41 Control Objectives and Practices: Information Systems Architecture (contd.)
        01:15
      • 3.42 Control Objectives and Practices: Information Systems Architecture (contd.)
        00:38
      • 3.43 Control Objectives and Practices: Information Systems Architecture (contd.)
        00:30
      • 3.44 Control Objectives and Practices: Information Systems Architecture (contd.)
        00:35
      • 3.45 Control Objectives and Practices: Information Systems Architecture (contd.)
        00:56
      • 3.46 Control Objectives and Practices: Information Systems Architecture (contd.)
        01:08
      • 3.47 Control Objectives and Practices: Information Systems Architecture (contd.)
        01:41
      • 3.48 Knowledge Check
      • 3.49 Control Ownership
        00:37
      • 3.50 Systems Control Design Implementation
        00:35
      • 3.51 SystemsControl Design Implementation: Unit Testing
      • 3.52 Systems Control Design Implementation: System Testing
        01:19
      • 3.53 Systems Control Design Implementation: System Testing (contd.)
        00:40
      • 3.54 Systems Control Design Implementation: System Testing (contd.)
        00:44
      • 3.55 Knowledge Check
      • 3.56 Systems Control Design Implementation: Quality Assurance
        00:49
      • 3.57 Systems Control Design Implementation: Quality Assurance (contd.)
        00:29
      • 3.58 Systems Control Design Implementation: Others
      • 3.59 Systems Control Design Implementation: Go-live Techniques
      • 3.60 Systems Control Design Implementation: Post-implementation Review
        00:59
      • 3.61 Systems Control Design Implementation: Project Closeout
      • 3.62 Knowledge Check
      • 3.63 Controls and Countermeasures
      • 3.64 Controls and Countermeasures: Control Matrix
        00:34
      • 3.65 Controls and Countermeasures: Control Standards and Frameworks
        00:56
      • 3.66 Controls and Countermeasures: Categories of Controls Interactivity
        00:57
      • 3.67 Knowledge Check
      • 3.68 Business Continuity and Disaster Recovery Management
        01:22
      • 3.69 Business Continuity and Disaster Recovery Management (contd.)
        01:02
      • 3.70 Business Continuity and Disaster Recovery Management (contd.)
        01:05
      • 3.71 Business Continuity and Disaster Recovery Management (contd.)
        00:42
      • 3.72 Knowledge Check
      • 3.73 Exception Management
        00:48
      • 3.74 Risk Ownership and Accountability
        00:51
      • 3.75 Inherent and Residual Risk
        00:37
      • 3.76 Inherent and Residual Risk (contd.)
        00:50
      • 3.77 Inherent and Residual Risk (contd.)
        00:35
      • 3.78 Quiz
      • 3.79 Summary
        00:41
      • 3.80 Summary (contd.)
        01:35
      • 3.81 Conclusion
        00:06
    • Domain 04 - Risk and Control Monitoring and Reporting

      09:53
      • 4.1 Risk and Control Monitoring and Reporting
        00:23
      • 4.2 Objectives
        00:17
      • 4.3 Task Statements
        00:52
      • 4.4 Knowledge Statements
      • 4.5 Knowledge Check
      • 4.6 Key Risk Indicators (KRIs)
      • 4.7 KRIs Selection
        00:47
      • 4.8 Benefits of KRIs
        00:24
      • 4.9 KRIs Effectiveness
      • 4.10 KRIs Optimization
      • 4.11 Knowledge Check
      • 4.12 KRIs Maintenance
        00:32
      • 4.13 Data Collection
      • 4.14 Data Collection (contd.)
      • 4.15 Knowledge Check
      • 4.16 Monitoring Controls
        00:46
      • 4.17 Monitoring Controls (contd.)
        00:53
      • 4.18 Monitoring controls (contd.)
      • 4.19 Control Assessment
      • 4.20 Knowledge Check
      • 4.21 Vulnerability Assessments
        01:06
      • 4.22 Penetration Testing
        01:04
      • 4.23 Third-party Assurance
        00:27
      • 4.24 Results of Control Assessments
        00:31
      • 4.25 Maturity Model Assessment and Improvement Techniques
        00:43
      • 4.26 Capability Maturity Model
      • 4.27 Knowledge Check
      • 4.28 IT Risk Profile
      • 4.29 Quiz
      • 4.30 Summary
        00:57
      • 4.31 Conclusion
        00:06
      • 4.32 Thank you
        00:05
    • {{childObj.title}}

      • {{childObj.childSection.chapter_name}}

        • {{lesson.title}}
      • {{lesson.title}}

    View More

    View Less

Exam & certification

  • To become a CRISC certified professional you need to meet the following requirements:
    • Successful completion of the CRISC examination
    • IT risk management and information systems control experience
    • Adherence to the Code of Professional Ethics
    • Adherence to the Continuing Professional Education (CPE) Policy

  • To become a CRISC certified professional, you need to fulfill the following criteria:
    • A completed application must be submitted within 5 years from the date of initially passing the examination.
    • This experience must have been gained within the 10-year period preceding the application date for certification or within five years of passing the examination.
    • Three (3) or more years of cumulative work experience performing the tasks of a CRISC professional across at least two (2) CRISC domains, of which One must be in Domain 1 or 2, is required for certification. There are no substitutions or experience waivers.

  • What do I need to do to unlock my certificate?

    OSL:
    1. Complete 85% of the course.
    2. Complete 1 simulation test with a minimum score of 60%.

FAQs

  • What all will I get as part of the training?

    You get access to our e-learning content along with the practice simulation tests that help you tackle the toughest of the exam questions. You will also get an online participant handbook with cross references to the e-learning for reinforcement of your learning.

  • Is exam fee included in the course fee?

    No. The exam fee is not included in the course fee as it is directly paid to ISACA for the membership, application and examination.

  • How many questions are there in the CRISC certification exam?

    ISACA uses and reports scores on a common scale from 200 to 800. For example, the scaled score of 800 represents a perfect score with all questions answered correctly; a scaled score of 200 is the lowest score possible and signifies that only a small number of questions were answered correctly. You need to achieve a score of 450 or higher to pass the CRISC® Exam.

  • What certification will I receive after completing the training?

    After successful completion of the training, you will be awarded the course completion certificate along with the 20 CPE hour certificate from Simplilearn.

  • What is the date of the next CRISC exam?

    CRISC exam is conducted thrice in a year in the months of July, September and December. To find the exam locations & dates go to (www.isaca.org/certification/pages/exam-locations.aspx)

  • Can I defer my exam?

    If you are unable to take the exam, you can request a deferral of your registration fees to the next exam date. To learn more about deferring your exam, including deferral deadlines and costs, please visit http://www.isaca.org/certification/pages/exam-deferral.aspx.

  • Do you provide assistance for the exam application process?

    Yes, we do provide assistance for the exam application process. You can state your queries on community.simplilearn.com and get them answered along with any other query or concern that you might have about the course.

  • How does Simplilearn assure me that the training and course material delivered are effective?

    Our CRISC course is developed to deliver a first attempt pass rate of 100%. With a hands-on learning approach, the training not only gives you the confidence to clear the exam but also helps you retain the knowledge beyond the examination.

  • Can I cancel my enrollment? Will I get a refund?

    Yes, you can cancel your enrollment. We provide you a refund after deducting the administration fee. To know more, please go through our Refund Policy.

  • I’d like to learn more about this training program. Who should I contact?

    Contact us using the form on the right of any page on the Simplilearn website, or select the Live Chat link. Our customer service representatives will be able to give you more details.

    • Disclaimer
    • PMP, PMI, PMBOK, CAPM, PgMP, PfMP, ACP, PBA, RMP, SP, and OPM3 are registered marks of the Project Management Institute, Inc.