CRISC® training, IS risk management, preparation for certification

  • Master the risk management approach according to CRISC
  • Apply the best response strategies to the risks weighing on the information system
  • Use best risk monitoring practices
  • Define information system controls
  • Use best practices to monitor and maintain these controls.

CRISC exam candidates and anyone keen to improve their knowledge in the field of risk management and IS control.

Participants should have a basic knowledge of the areas to be covered. The course consists of intense preparation for the certification exam. English required.

5 Days.

Practical exercises and demonstrations will allow you to put into practice the theoretical concepts presented.

For “Distance” training, these exercises are carried out with a videoconferencing tool such as Teams or Zoom, depending on the case, allowing the trainer to adapt the teaching methods.
Find on our website all the details about distance sessions or virtual classes.

  • Introduction to Certified in Risk and Information Systems Control
  • General presentation of CRISC.
  • Presentation of the exam model and the certification process.
  • Domain 1: risk identification, analysis and assessment
  • Risk management standards: ISO 31000, ISO 27005 …
  • Risk management frameworks: RISK IT, COSO ERM, COBIT …
  • Components, principles and concepts of corporate risk management.
  • Risks at different levels of the company.
  • Methods of identifying risks.
  • Methods of risk analysis and assessment.
  • Quantitative and qualitative risk analyses.
  • Domain 2: risk responses
  • Risk treatment methods.
  • Risk mitigation and control of the Information System.
  • Risk reduction.
  • Risk transfer.
  • Acceptance of residual risks.
  • Risk treatment plans.
  • Domain 3: risk monitoring
  • Risk treatment life cycle.
  • Monitoring of treated risks.
  • Monitoring of residual risks.
  • Risk management performance evaluation and risk reporting.
  • Key Risk Indicators (KRIs).
  • Risk management & business resilience.
  • Domain 4: information system controls
  • Definition of IS controls.
  • Implementation of IS controls.
  • Measurement of processes and services linked to IS controls.
  • Domain 5: IT control lifecycle
  • Strategic planning of IT control lifecycle management.
  • Scope, objectives and benefits of IT control lifecycle management programs.
  • Permanent monitoring of IS controls.
  • Maintenance of IS controls.
  • Continuous improvement of risk management and IS controls.
  • Periodic reporting of the effectiveness of IS controls.
  • Preparation for the exam
  • Discussions and exchanges. Good practices for passing the exam.
  • Exam simulation and collective correction.

Exam
Mock exam.