Training Objectives

This seminar has been designed to prepare delegates for the CRISC examination by enabling them to supplement their existing knowledge and understanding so as to be better prepared to pass the exam, as defined by ISACA.

Who Should Attend

IT professionals interested in earning Certified in Risk and Information Systems Control (CRISC) certification. CRISC is for IT professionals, risk professionals, business analysts, project managers and/or compliance professionals who work towards evaluation and mitigation of risk, and who have job experience in the following areas:
  • Risk identification, assessment and evaluation
  • Risk response and monitoring and
  • IS control design/monitoring and implementation/maintenance.

Course Syllabus

Our CRISC exam preparation course assists IT professionals in accomplishing the following business objectives in their enterprise:
  • Designing, implementing, monitoring and maintaining risk-based, effective IS controls
  • Compliance with regulatory requirements

Also covered are the 5 domains as required by ISACA:

1. Risk Identification, Assessment and Evaluation (RI)
  • Collect information and review documentation to ensure that risk scenarios are identified and evaluated.
  • Identify legal, regulatory and contractual requirements and organizational policies and standards related to information systems to determine their potential impact on the business objectives.
  • Identify potential threats and vulnerabilities for business processes, associated data and supporting capabilities to
2. Risk Response (RR)
  • Identify and evaluate risk response options and provide management with information to enable risk response decisions.
  • Review risk response with the relevant stakeholders for validation of efficiency, effectiveness and economy.
  • Apply risk criteria to assist in the development of the risk profile for management approval.
  • Assist in the development of risk response action plans to address risk factors identified in the organizational risk profile.
  • Assist in the development of business cases supporting the investment plan to ensure that risk responses are aligned with the identified business objectives.
3. Risk Monitoring (RM)
  • Collect and validate data that measure key risk indicators (KRIs) to monitor and communicate their status to relevant stakeholders.
  • Monitor and communicate key risk indicators (KRIs) and management activities to assist relevant stakeholders in their decision-making process.
  • Facilitate independent risk assessments and risk management process reviews to ensure that they are performed efficiently and effectively.
  • Identify and report on risk, including compliance, to initiate corrective action and meet business and regulatory requirements.
4. IS Control Design and Implementation (CD)
  • Interview process owners and review process design documentation to gain an understanding of the business process objectives.
  • Analyze and document business process objectives and design to identify required information system controls.
  • Design information systems controls in consultation with process owners to ensure alignment with business needs and objectives.
  • Facilitate the identification of resources
5. IS Control Monitoring and Maintenance (MM)
  • Plan, supervise and conduct testing to confirm continuous efficiency and effectiveness of information system controls.
  • Collect information and review documentation to identify information systems control deficiencies.
  • Review information systems policies, standards and procedures to verify that they address the organization’s internal and external requirements.
  • Assess and recommend tools and techniques to automate information systems control verification processes.

Training

CRISC (Certified in Risk and Information Systems Control) Training – The Global Standard from ISACA for Risk and Information Systems Control Practitioners

Key Advantages of CRISC Training at ITGID

Official curriculum based on the ISACA framework

Instructors experienced in GRC and IT risk management

Practical approach based on real case studies

Delivered in Indonesian, with materials in English

Focus on exam preparation and direct application in the workplace

Connected to the GRC professional community in Indonesia

Brief Training Description

CRISC is an international certification from ISACA, recognized globally, for professionals responsible for identifying, evaluating, responding to and monitoring risk, as well as designing and managing information systems controls. This training is designed to equip you with the knowledge, technical skills and strategic approach to manage IT risk in a way that is integrated with business objectives.

Target Participants

This training is ideal for

IT professionals who want to earn the CRISC certification

IT risk management practitioners

Business Analysts and Project Managers

IT compliance and governance professionals

Anyone involved in managing and controlling information systems risk

Training Syllabus Summary

The training material covers the 5 main domains of the CRISC framework

Risk Identification, Assessment and Evaluation

  • Assess organizational risk based on documentation, policies, and internal/external standards.
  • Recognize threats and vulnerabilities to business processes and supporting data.

Risk Response

  • Develop risk response options and align them with business objectives.
  • Develop action plans and business cases for effective risk mitigation.

Risk Monitoring

  • Measure and monitor key risk indicators (KRIs).
  • Conduct independent assessments and risk reporting to support decision-making.

Information Systems Control Design and Implementation

  • Analyze business processes and design appropriate system controls.
  • Collaborate with process owners on controls based on business needs.

Information Systems Control Monitoring and Maintenance

  • Conduct ongoing testing and review of controls.
  • Propose automation in the control verification process.

Training Method & Facilities

Duration: 4 Intensive Days

Format: Interactive Online Class / In-Person (depending on schedule)

Method: Interactive presentations, case studies, practice questions, and discussion

Facilities:

  • Digital training materials
  • Access to CRISC practice questions
  • Certificate of participation
  • Discussion and technical consultation sessions

Participant Testimonials

The training was dense, clear, and highly relevant. I have become more confident in facing IT risk challenges in our organization

Dian S

Risk Officer in the Financial Sector

The trainer is very competent, and the discussion is sharp and applicable. CRISC at ITGID is recommended!

Fajar H

IT Governance Specialist

Ready to Step Up as a Certified IT Risk Professional?

FAQ (Frequently Asked Questions)

Is this training only for those who want to take the CRISC exam?

No. This training is also very useful for anyone who wants to deepen their knowledge of IT risk management and control in their organization.

Not mandatory, but experience with or an understanding of information systems will be very helpful.

Yes, participants will receive a certificate of participation from ITGID.