CRISC Exam Preparation
Overview
The CRISC certification, pronounced "see-risk", is designed for IT professionals who have hands-on experience with risk identification, assessment, and evaluation; risk response; risk monitoring; IS control design and implementation; and IS control monitoring and maintenance.
Program Objectives
Who Needs This?
Experienced IT Control or Security Professionals
IT Professionals
Risk Professionals
Business Analysts
Project Managers
IS Control Design/Monitoring, and Implementation / Maintenance.
What Will You Learn?
– Identify legal, regulatory, and contractual requirements and organizational policies and standards related to information systems to determine their potential impact on the business objectives.
– Identify potential threats and vulnerabilities for business processes, associated data, and supporting capabilities.
– Identify and evaluate risk response options and provide management with information to enable risk response decisions.
– Review risk responses with the relevant stakeholders for validation of efficiency, effectiveness, and economy.
– Apply risk criteria to assist in the development of the risk profile for management approval.
– Assist in the development of risk response action plans to address risk factors identified in the organizational risk profile.
– Assist in the development of business cases supporting the investment plan to ensure that risk responses are aligned with the identified business objectives.
– Collect and validate data that measure key risk indicators (KRIs) to monitor and communicate their status to relevant stakeholders.
– Monitor and communicate key risk indicators (KRIs) and management activities to assist relevant stakeholders in their decision-making process.
– Facilitate independent risk assessments and risk management process reviews to ensure that they are performed efficiently and effectively.
– Identify and report on risk, including compliance, to initiate corrective action and meet business and regulatory requirements.
– Interview process owners and review process design documentation to gain an understanding of the business process objectives.
– Analyze and document business process objectives and design to identify required information system controls.
– Design information systems controls in consultation with process owners to ensure alignment with business needs and objectives.
– Facilitate the identification of resources
– Plan, supervise and conduct testing to confirm continuous efficiency and effectiveness of information system controls.
– Collect information and review documentation to identify information systems control deficiencies.
– Review information systems policies, standards, and procedures to verify that they address the organization's internal and external requirements.
– Assess and recommend tools and techniques to automate information systems control verification processes.