Description

This course is designed for professionals who want to pass the CRISC exam. The program covers the five key areas covered in the exam: risk identification, analysis and assessment, risk responses, risk monitoring, IS controls, IS controls life cycle.

Who is this training for ?

For whom ?

Candidates for the CRISC exam and anyone interested in improving their knowledge in the field of risk management and IS control.

Prerequisites

Training objectives

Master the risk management approach according to CRISC

Apply the best response strategies to the risks weighing on the information system

Use the best risk monitoring practices

Define information system controls

Use the best practices to monitor and maintain these controls

Training program

• Introduction au Certified in Risk and Information Systems Control
  • General presentation of CRISC.
  • Presentation of the exam model and the certification process.
• Domain 1: identification, analysis and assessment of risk
  • Risk management standards: ISO 31000, ISO 27005...
  • Risk management standards: RISK IT, COSO ERM, COBIT...
  • Components, principles and concepts of enterprise risk management.
  • Risks at different levels of the enterprise.
  • Risk identification methods.
  • Risk analysis and assessment methods.
  • Quantitative and qualitative risk analyses.
• Domain 2: responses to risk
  • Risk treatment methods.
  • Risk mitigation and information system control.
  • Risk reduction.
  • Transfer of risk.
  • Acceptance of residual risks.
  • Risk treatment plans.
• Domain 3: Risk monitoring
  • Risk treatment life cycle.
  • Monitoring treated risks.
  • Monitoring residual risks.
  • Performance evaluation of the risk management and risk reporting.
  • Key risk indicators (KRI).
  • Risk management & business resilience.
• Domain 4: Information system controls
  • Definition of IS controls.
  • Implementation of IS controls.
  • Measurement of processes and services related to IS controls.
• Domain 5: life cycle of IS controls
  • Strategic planning for life cycle management of IS controls.
  • Scope, objectives and benefits of life cycle management programs for IS controls.
  • Continuous monitoring of IS controls.
  • Maintenance of IS controls.
  • Continuous improvement of risk management and IS controls.
  • Reporting periodic review of the effectiveness of IS controls.
• Preparing for the exam
  • Discussions and exchanges.
  • Good practices for passing the exam.
  • Exam simulation and collective correction.
  • Mock exam .