• Online, Instructor-Led
  • Online, Self-Paced
Course Description

Learn the principles and practices of IT governance. Build your knowledge around how IT risk relates to your organization and prepare to earn your Certified in Risk and Information Systems Control (CRISC) certification.

Infosec's CRISC Boot Camp is designed for IT professionals who are tasked with identifying, assessing and evaluating organizational risk. You'll learn about identifying and evaluating entity-specific risk, as well as how to help enterprises accomplish business objectives by designing, implementing, monitoring and maintaining risk-based, efficient and effective information systems controls. You'll leave fully prepared to earn your CRISC, one of the most in-demand certifications a risk professional can achieve.

Learning Objectives

  1. Identify risks related to an organization's internal and external business and IT environments
  2. Identify potential threats and vulnerabilities to the organization's people, processes and technology
  3. Develop and analyze IT risk scenarios to determine potential impact
  4. Identify the effectiveness of existing controls
  5. Identify key stakeholders and assign risk ownership
  6. Communicate results of risk assessments
  7. Consult with risk owners on the design and implementation of mitigating controls
  8. Define and establish data-driven key risk indicators
  9. Monitor changes in risk indicators
  10. Report risk indicator changes to key stakeholders
  11. Analyze risk indicators to determine the effectiveness of existing controls

Framework Connections

The materials within this course focus on the NICE Framework Task, Knowledge, and Skill statements identified within the indicated NICE Framework component(s):

Specialty Areas

  • Risk Management
  • Strategic Planning and Policy

Specialty Areas have been removed from the NICE Framework. With the recent release of the new NICE Framework data, updates to courses are underway. Until this course can be updated, this historical information is provided to give better context as to how it can help you with your cybersecurity goals.