Description
Duration: 3 days
This course prepares candidates to sit for the CRISC exam while developing hands-on competency in IT risk management and information systems control. It is structured around the current ISACA CRISC framework and addresses risk identification, risk response planning, and control monitoring. Students will work through practical scenarios and exam preparation exercises to build the skills needed for roles in enterprise risk and compliance.
Target Audience
- Security Directors, Managers, and Consultants
- Compliance, Risk, and Privacy Directors and Managers
- IT Audit Directors, Managers, and Consultants
- Compliance, Risk, and Control Staff
Prerequisites
- At least three years of professional experience in information systems auditing, control, or security
What’s included?
- Authorized Courseware
- Intensive Hands on Skills Development with an Experienced Subject Matter Expert
- Hands on practice on real Servers and extended lab support 1.800.482.3172
- Examination Vouchers & Onsite Certification Testing – (excluding Adobe and PMP Boot Camps)
- Academy Code of Honor: Test Pass Guarantee
- Optional: Package for Hotel Accommodations, Lunch and Transportation
With several convenient training delivery methods offered, The Code Academy makes getting the training you need easy. Whether you prefer to learn in a classroom or an online live learning virtual environment, training videos hosted online, and private group classes hosted at your site. We offer expert instruction to individuals, government agencies, non-profits, and corporations. Our live classes, on-sites, and online training videos all feature certified instructors who teach a detailed curriculum and share their expertise and insights with trainees. No matter how you prefer to receive the training, you can count on The Code Academy for an engaging and effective learning experience.
Methods
- Instructor Led (the best training format we offer)
- Live Online Classroom – Online Instructor Led
- Self-Paced Video
Speak to an Admissions Representative for complete details
| Start | Finish | Public Price | Public Enroll | Private Price | Private Enroll |
|---|---|---|---|---|---|
| 5/25/2026 | 5/27/2026 | ||||
| 6/15/2026 | 6/17/2026 | ||||
| 7/6/2026 | 7/8/2026 | ||||
| 7/27/2026 | 7/29/2026 | ||||
| 8/17/2026 | 8/19/2026 | ||||
| 9/7/2026 | 9/9/2026 | ||||
| 9/28/2026 | 9/30/2026 | ||||
| 10/19/2026 | 10/21/2026 | ||||
| 11/9/2026 | 11/11/2026 | ||||
| 11/30/2026 | 12/2/2026 | ||||
| 12/21/2026 | 12/23/2026 | ||||
| 1/11/2027 | 1/13/2027 | ||||
| 2/1/2027 | 2/3/2027 | ||||
| 2/22/2027 | 2/24/2027 | ||||
| 3/15/2027 | 3/17/2027 | ||||
| 4/5/2027 | 4/7/2027 | ||||
| 4/26/2027 | 4/28/2027 |
Learning Objectives
- Identify and evaluate IT and enterprise risk in alignment with organizational business objectives
- Select and implement appropriate information security and information systems controls
- Develop risk response and mitigation strategies that reflect business priorities
- Design governance processes to support ongoing monitoring and risk reporting
- Prepare for the CRISC exam using practical scenarios, exam-focused review, and practice questions
Course Outline
Module Domain 1: Governance
Addresses risk assessment concepts, standards, and frameworks; organizational strategy, goals, and objectives; organizational structure, roles, and responsibilities; organizational culture and assets; policies, standards, and business processes; enterprise risk management and risk management frameworks including the three lines of defense; risk profile, risk appetite, and risk tolerance; and professional ethics requirements in laws, regulations, and controls.
Module Domain 2: IT Risk Assessment
Addresses risk events, threat modeling, and the threat landscape; vulnerability and control deficiency analysis; risk scenario development; the risk register; risk analysis methodologies; business impact analysis; and inherent, residual, and current risk.
Module Domain 3: Risk Response and Reporting
Addresses risk treatment options and risk response strategies; risk and control ownership; managing risk from internal processes, third parties, and emerging sources; control types, standards, and frameworks; control design, selection, and analysis; control implementation, testing, and effectiveness evaluation; risk treatment plans; data collection, aggregation, analysis, and validation; risk and control monitoring and reporting techniques; and performance, risk, and control metrics.
Module Domain 4: Information Technology and Security
Addresses enterprise architecture; IT operations management; project management; disaster recovery management; data life cycle management; the system development life cycle; emerging technologies; information security concepts, frameworks, standards, and awareness training; business continuity management; and data privacy and protection principles.
