The Mark of excellence for a professional certification program is the value and recognition it estows on the individual who achieves it. The Certified in Risk and Information Systems Control (CRISC) program, sponsored by ISACA, recognizes an idea range of professionals for their knowledge of enterprise risk and their ability to design, implement, monitor and maintain information systems (IS) controls to mitigate such risk.
The CRISC certification, renounced “see-risk”, is design for IT professional who have hands-on experience with risk identification, assessment and evaluation; risk response; risk monitoring; IS Control design and implementation; and IS control monitoring and maintenance.
The CRISC designation will not only certify professional who have knowledge and experience identifying and evaluating entity-specific risk, but also aid them in helping enterprises accomplish business objectives by designing, Implementing, monitoring, and maintaining risk based, efficient and effective IS control.
The technical skills and practices that CRISC promotes and evaluates are the building blocks of success in the field. Possessing the CRISC designation demonstrates proficiency and is the basis for measurement in the profession. with a growing demand for professionals possessing risk and control skills, CRISC has positioned itself to be the preferred certification program by individuals and enterprises around the world. CRISC certification signifies commitment to serving an enterprise and the chosen profession with distinction.
Objectives
This Seminar has been designed to prepare delegates for the CRISC examination by enabling them to supplement their existing knowledge and understanding so as to be better prepare to pass the exam, as defined by ISACA.
Target
IT professionals interested in earning Certified in Risk and Information Systems Controls (CRISC) certification. CRISC is for IT professionals, risk professionals, business analysts, project manager and/or compliance professional, how work towards evaluation and mitigation of risk, and who have job experience in the following areas
- Risk identification, assessment and evaluation
- Risk response and monitoring and
- IS control design/monitoring and implementation/maintenance.
Syllabus
Our CRISC exam preparation course assist IT Professional to accomplish the following business objectives in their enterprise:
- Designing, implementing, monitoring & maintaining risk-based, effective IS controls
- Compliance with regulatory requirements
Also covered are the 5 domains as required by ISACA:
- Risk Identification Assessment and Evaluation (RI)
- Collect information and review documentation to ensure that risk scenarios are identified and evaluated.
- Identify legal, regulatory and contractual requirements and organizational policies and standards related to information system to determine their potential impact on the business objectives.
- Identify potential threats and vurnerabilities for business process, associated data and supporting capabilities to assist in the evaluation of enterprise risk.
- Risk Response (RR)
- Identify and evaluate risk response options and provide management with information to enable risk response decisions.
- Review Risk Response with the relevant stake holders for validation of efficiency, effectiveness and economy.
- Apply risk criteria to assist in the development of the risk profile for management approval.
- Assist in the development of risk response action plans to address risk factors identified in the organizational risk profile.
- Assist in the development of business cases supporting the investment plan to ensure that risk responses are aligned with the identified business objectives.
- Risk Monitoring (RM)
- Collect and Validate data that measure key risk indicators (KRIs) to monitor and communicate their status to relevant stake holders.
- Monitor and communicate key risk indicators (KRIs) and management activities to assist relevant stake holders in their decision-making process.
- Facilitate independent risk assessments and risk management process reviews to ensure that they are performed efficiently and effectively.
- Identify and report on risk, including compliance, to initiate corrective action and meet business and regulatory requirements.
- IS Control Design and Implementation (CD)
- Interview process owners and review process design documentation to gain an understanding of the business process objectives.
- Analyse and document business process objectives and design to identify required information system controls
- Design information systems controls in consultation with process owners to ensure alignment with business needs and objectives.
- Facilitate the identification of resources
- IS Control Monitoring and Maintenance (MM)
- Plan, supervise and conduct testing to confirm continuous efficiency and effectiveness of information system controls.
- Collect information and review documentation to identify information systems control deficiencies.
- Review information systems policies, standards and procedures to verify that they address the organization’s internal and external requirements.
- Assess and recommend tools and techniques to automate
information systems control verification processes.