1 - Introduction to IT Risk Management
Governance and Risk managementThe Context of IT Risk ManagementKey Concepts of RiskRisk in Relation to Other Business FunctionsIT Risk Management Good Practices
2 - IT Risk Assessment
Risk Capacity, Risk Appetite and Risk ToleranceRisk Culture and CommunicationElements of RiskInformation Security Risk Concepts and PrinciplesThe IT Risk Strategy of the BusinessIT Concepts and Areas of Concern for the Risk PractitionerMethods of Risk IdentificationIT Risk ScenariosOwnership and AccountabilityThe IT Risk RegisterRisk Awareness
3 - IT Risk Assessment
Risk Assessment TechniquesAnalyzing Risk ScenariosCurrent State of ControlsChanges in the Risk EnvironmentProject and Program ManagementRisk and Control AnalysisRisk Analysis MethodologiesRisk RankingDocumenting Risk Assessments
4 - Risk Response and Mitigation
Aligning Risk Response with Business ObjectivesRisk Response OptionsAnalysis TechniquesVulnerabilities Associated with New ControlsDeveloping a Risk Action PlanBusiness Process Review Tools and TechniquesControl Design and ImplementationControl Monitoring and EffectivenessTypes of RiskControl Activities, Objectives, Practices and MetricsSystems Control Design and ImplementationImpact of Emerging Technologies on Design and Implementation of ControlsControl OwnershipRisk management Procedures and Documentation
5 - Risk and Control Monitoring and Reporting
Key Risk IndicatorsKey Performance IndicatorsData Collection and Extraction Tools and TechniquesMonitoring ControlsControl Assessment TypesResults of Control AssessmentsChanges to the IT Risk Profile
Actual course outline may vary depending on offering center. Contact your sales representative for more information.
Who is it For?
The CRISC credential is intended for risk and control professionals, including: