Learn the principles and practices of IT governance. Build your knowledge around how IT risk relates to your organization and prepare to earn your Certified in Risk and Information Systems Control (CRISC) certification.
Infosec's CRISC Boot Camp is designed for IT professionals who are tasked with identifying, assessing and evaluating organizational risk. You'll learn about identifying and evaluating entity-specific risk, as well as how to help enterprises accomplish business objectives by designing, implementing, monitoring and maintaining risk-based, efficient and effective information systems controls. You'll leave fully prepared to earn your CRISC, one of the most in-demand certifications a risk professional can achieve.
Learning Objectives
- Identify risks related to an organization's internal and external business and IT environments
- Identify potential threats and vulnerabilities to the organization's people, processes and technology
- Develop and analyze IT risk scenarios to determine potential impact
- Identify the effectiveness of existing controls
- Identify key stakeholders and assign risk ownership
- Communicate results of risk assessments
- Consult with risk owners on the design and implementation of mitigating controls
- Define and establish data-driven key risk indicators
- Monitor changes in risk indicators
- Report risk indicator changes to key stakeholders
- Analyze risk indicators to determine the effectiveness of existing controls
Framework Connections
The materials within this course focus on the NICE Framework Task, Knowledge, and Skill statements identified within the indicated NICE Framework component(s):
Specialty Areas
- Risk Management
- Strategic Planning and Policy
Feedback
If you would like to provide feedback on this course, please e-mail the NICCS team at NICCS@mail.cisa.dhs.gov. Please keep in mind that NICCS does not own this course or accept payment for course entry. If you have questions related to the details of this course, such as cost, prerequisites, how to register, etc., please contact the course training provider directly. You can find course training provider contact information by following the link that says “Visit course page for more information...” on this page.