CRISC (Certified in Risk & Information Systems Control)

Course Overview

Participants in the Certified in Risk and Information Systems Control (CRISC) training course gain a thorough understanding of various business risks as well as the skills and information needed to put effective IS controls in place within an organisation.

CRISC (Certified in Risk & Information Systems Control) is an IT certification for enterprise risk management, and the most recent and comprehensive test for assessing IT specialists and other business and financial sector employees. The CRISC online course equips IT specialists for the unique challenges that information systems bring. Participants gain knowledge and skills from the course that will enable them to design and maintain information system controls as well as assess and manage enterprise IT risk.

Prerequisites

To become CRISC certified, applicants are required to meet the following requirements:

The CRISC test is open to everyone, including anyone who is interested in risk and information control.

Abide by the code of professional ethics, which guides the conduct of individual members and CRISC certification holders.

CPE (continuing professional education) programme: The objectives of the ongoing education programme are to preserve and distinguish individual competency.

Show evidence of the minimum necessary work experience: For certification, an individual must have a minimum of three years of combined work experience performing CRISC professional activities.

Audience Profile

Professionals preparing to become CRISC certified.

Risk practitioners

Students or recent graduates

Learning Objectives

  • Governance
  • IT Risk Assessment
  • Risk Response and Reporting
  • Information Technology and Security

Content Outline

  • Organizational Strategy, Goals, and Objectives
  • Organizational Structure, Roles, and Responsibilities
  • Organizational Culture
  • Policies and Standards
  • Business Processes
  • Organizational Assets
  • Enterprise Risk Management and Risk Management Framework
  • Three Lines of Defence
  • Risk Profile
  • Risk Appetite and Risk Tolerance
  • Legal, Regulatory, and Contractual Requirements
  • Professional Ethics of Risk Management
  • Risk Scenario Development
  • Risk Events (e.g., contributing conditions, loss result)
  • Threat Modelling & Threat Landscape
  • Vulnerability & Control Deficiency Analysis (e.g., root cause analysis)
  • Risk Assessment Concepts, Standards, and Frameworks
  • Risk Register
  • Risk Analysis Methodologies
  • Business Impact Analysis
  • Inherent and Residual Risk
  • Risk Treatment / Risk Response Options
  • Risk and Control Ownership
  • Third-Party Risk Management
  • Issue, Finding, and Exception Management
  • Management of Emerging Risk
  • Control Types, Standards, and Frameworks
  • Control Design, Selection, and Analysis
  • Control Implementation
  • Control Testing and Effectiveness Evaluation
  • Key Performance Indicators
  • Key Risk Indicators (KRIs)
  • Key Control Indicators (KCIs)
  • Risk Treatment Plans
  • Data Collection, Aggregation, Analysis, and Validation
  • Risk & Control Reporting Techniques (heatmap, scorecards, dashboards)
  • Risk and Control Monitoring Techniques
  • Enterprise Architecture
  • Project Management
  • Disaster Recovery Management (DRM)
  • Data Lifecycle Management
  • IT Operations Management (e.g., change management, IT assets, problems, incidents)
  • System Development Life Cycle (SDLC)
  • Emerging Technologies
  • Information Security Concepts, Frameworks, and Standards
  • Information Security Awareness Training
  • Business Continuity Management
  • Data Privacy and Data Protection Principles

FAQs

CRISC is an acronym for Certified in Risk and Information Systems Control. The ISACA website defines CRISC as “the most current and rigorous assessment available to evaluate the risk management proficiency of IT professionals and other employees within an enterprise or financial institute.”

The CRISC certification is not for beginners. ISACA recommends candidates be mid-career, and be either IT/IS audit or risk and security professionals. Individuals who manage company IT risk and control should look into this certification. Currently, there are over 30,000 certification holders.

The CRISC certification is mostly useful for corporate-level IT risk assessment practitioners. Risk assessment, management and support companies, and compliance are segments that CRISC trainees specialize in. One of the main differences also lies in the CISM vs CRISC difficulty level.

A: To attend the training session, you should have an operational desktop or laptop with the required specifications, along with a good internet connection to access the labs.

A: We always recommend attending the live session so that you can practice, clarify doubts instantly, and get more value from your investment. However, if some contingency forces you to skip a class, Radiant Techlearning will provide the recorded session for that particular day. Those recorded sessions are meant only for personal consumption and NOT for distribution or any commercial use.

A: Radiant Techlearning has a data center containing the virtual training environment for participants' hands-on practice.

Participants can easily access these labs over the cloud with the help of a remote desktop connection.

Radiant virtual labs give you the flexibility to learn from anywhere in the world and in any time zone.

A: Learners will be enthralled as we engage them in real-world, industry-oriented projects during the training program. These projects will improve your skills and knowledge, and you will gain better experience. These real-time projects will help you a lot in your future tasks and assignments.
