CRISC Exam Preparation
- Last Revised:
- 10. May 2017
- 2600.00 USD (VAT incl.)
- Not Specified
- Not Specified
- Not Specified
CRISC Exam Preparation
Designed to assist and enhance the study process, this course will focus on identifying and evaluating entity-specific risk, understanding enterprises business objectives by designing, implementing, monitoring and maintaining risk-based, efficient and effective IS controls. Each of the CRISC job domains will be discussed and attendees will become familiar with the CRISC exam question format.
Day 1 – Risk Management and Information Systems Control
q Differentiate between risk management and risk governance
q Identify the roles and responsibilities for risk management
q Identify relevant standards, frameworks and practices
q Explain the meaning of key risk management concepts, including risk appetite and risk tolerance
q Differentiate between threats and vulnerabilities
q Apply risk identification, classification, quantitative / qualitative assessment and evaluation techniques
q Describe the key elements of the risk register
q Describe risk scenario development tools and techniques
q Help develop and support risk awareness training tools and techniques
q Relate risk concepts to risk assessment
Day 2 – Risk Response
q List various parameters for risk response selection
q List the different risk response options
q Describe risk responses may be most suitable for a high-level risk scenario
q Describe how exception management relates to risk management
q Monitor existing risk.
q Report noncompliance and other changes in information risk
q Describe how residual risk relates to inherent risk and risk appetite
q Describe the need for performing a cost-benefit analysis when determining a risk response
q Describe the attributes of a business case to support project management
q Identify standards, frameworks and leading practices related to risk response
Day 3 – Risk Monitoring
q As a result of completing this chapter, the CRISC candidate should be able to:
q Explain the principles of risk ownership.
q List common risk and compliance reporting requirements, tools and techniques.
q Describe various risk assessment methodologies.
q Differentiate between key performance indicators and Key Risk Indicators.
q Describe, at a high level, data extraction; aggregation; and, analysis tools and techniques.
q Differentiate between various types of processes to review organization’s risk monitoring process.
q List various standards, frameworks, and practices related to risk monitoring.
Day 4 – Information Systems Control Design and Implementation
q List different control categories and their effects
q Judge control strength.
q Explain the importance of balancing control cost and benefit.
q Leverage understanding of the SDLC process to implement IS controls efficiently and effectively.
q Differentiate between the four high-level stages of the SDLC.
q Relate each SDLC phase to specific tasks and objectives.
q Apply core project management tools and techniques to the implementation of IS controls.
Day 5 – Information Systems Control Maintenance and Monitoring
q Describe the purpose and levels of a maturity model as it applies to the risk management process.
q Compare different monitoring tools and techniques.
q Describe various testing and assessment tools and techniques.
q Explain how monitoring of IS controls relates to applicable laws and regulations
q Understand the need for control maintenance.
This is a binding contract, please read and understand the terms and conditions before signing as signed booking forms will not be cancelled 10 days after SAVANNAH TELECOM Management has received the registration form.
1. Terms of payment:
In order to secure your registration, payment is due in full upon receipt of invoice. Early registration is vital due to limited workshop space.
2. Right of Admission:
SAVANNAH TELECOM reserves the right to refuse admission to the conference where evidence of full payment cannot be shown.
3. Delegate Cancellation:
Provided the total fee has been settled, substitutions will be at no extra charge up till 7 days before the workshop date. Cancellations must be received in writing (14) days before the workshop in order to obtain a full credit voucher for our future events. Any cancellations received less than 14 days before the date of the conference, the full fee will be payable and no refunds or credit voucher will be given. If a delegate does not cancel and fails to attend the conference, he/she is liable for the full payment and no refund / credit voucher will be issued
4. SAVANNAH TELECOM Substitutions:
Please note that speakers and topics were confirmed at the time of publishing, however, circumstances beyond the control of the organizers may necessitate substitutions, alterations or cancellations of the speakers and/or topics. As such SAVANNAH TELECOM reserves the right to alter /modify the advertised speakers/ topics if necessary and all delegates will be notified as soon as possible.
5.SAVANNAH TELECOM Cancellation & Postponement:
In the event that SAVANNAH TELECOM Business Consulting cancels an event, delegate payments at the date of cancellation will be credited to a future SAVANNAH TELECOM conference. This credit will be available for a year from the date of issue. If the delegate is unable to attend the rescheduled conference, the delegate will receive a credit representing payments made towards a future SAVANNAH TELECOM conference & it will be available for 1 year from the date of issue. SAVANNAH TELECOM is not responsible for any loss/damage as a result of a substitution, alteration/cancellation /postponement of a conference