1. Training
  2. Education & Training Catalog
  3. Intellectual Point
  4. Certified in Risk and Information Systems Control (CRISC)

Certified in Risk and Information Systems Control (CRISC)

Build a greater understanding of the impact of IT risk and how it relates to an overall organization. Assure development of more effective plans to mitigate risk, establish a common perspective and language about IT risk that can set the standard for your enterprise.

Course Overview

Overall Proficiency Level
3 - Advanced
Course Catalog Number
CRISC
Course Prerequisites

To earn the CRISC certification, candidates are required to:

  • Prove at least three years of cumulative work experience performing the tasks of a CRISC professional across at least three CRISC domains
  • Pass the CRISC exam
Training Purpose
Functional Development
Specific Audience
All
Delivery Method
Classroom
Online, Instructor-Led
Course Location

46175 Westlake Drive, Suite 250
Sterling, VA 20165

Course Location Map
  • Your Location
  • Providers
  • Courses
  • Course and Provider Quantity
  • Classroom
  • Online, Instructor-Led

Learning Objectives

  • Laws, regulations, standards, and compliance requirements related to risk management
  • Components of enterprise systems architecture
  • Business goals and objectives related to risk management
  • Methods to identify risk
  • Risk scenario development tools and techniques
  • Risk identification and classification standards and frameworks
  • Elements of a risk register
  • Risk appetite and tolerance
  • Risk analysis methodologies (quantitative and qualitative)
  • Organizational structures
  • Organizational assets
  • Organizational policies and standards related to risk management
  • Business process review tools and techniques
  • Analysis techniques (e.g., root cause, gap, cost-benefit, return on investment [ROI])
  • Maturity model assessment and improvement techniques and strategies
  • Data analysis, validation, and aggregation techniques (e.g., trend analysis, modeling)
  • Data collection and extraction

Framework Connections

The materials within this course focus on the NICE Framework Task, Knowledge, and Skill statements identified within the indicated NICE Framework component(s):

Specialty Areas

  • Risk Management

Specialty Areas have been removed from the NICE Framework. With the recent release of the new NICE Framework data, updates to courses are underway. Until this course can be updated, this historical information is provided to give better context as to how it can help you with your cybersecurity goals.

Feedback

If you would like to provide feedback on this course, please e-mail the NICCS team at NICCS@mail.cisa.dhs.gov. Please keep in mind that NICCS does not own this course or accept payment for course entry. If you have questions related to the details of this course, such as cost, prerequisites, how to register, etc., please contact the course training provider directly. You can find course training provider contact information by following the link that says “Visit course page for more information...” on this page.

Last Published Date: