ISACA CRISC Training Boot Camp

Learn the principles and practices of IT governance. Build your knowledge around how IT risk relates to your organization and prepare to earn your Certified in Risk and Information Systems Control (CRISC) certification.

★★★★☆

4.1

(518 ratings)

93% exam pass rate

View Pricing

Earn your CRISC, guaranteed!

Exam Pass Guarantee
100% Satisfaction Guarantee
ISACA CRISC exam voucher
Digital copy of ISACA Official Review Manual
Unlimited practice exam attempts
12-month subscription to the ISACA Official Question, Answer & Explanation (QAE) Database
Three days live, expert CRISC instruction (live online or in-person)
Immediate access to Infosec Skills — including a bonus CRISC boot camp prep course — from the minute you enroll to 90 days after your boot camp
Learn by doing with 100s of additional hands-on courses and labs
90-day access to all boot camp video replays and materials
Knowledge Transfer Guarantee

ISACA Accredited Training Organization (ATO)

Infosec is one of a select number of ISACA accredited Elite+ Partners in the world. When you enroll in an Infosec CRISC Boot Camp, you can rest assured you are receiving the most effective and up-to-date certification prep available, including official ISACA training materials and instruction that has been independently assessed to meet ISACA’s quality standards.

View full course schedule

Training overview

Infosec’s CRISC Boot Camp is designed for IT professionals who are tasked with identifying, assessing and evaluating organizational risk. You’ll learn about identifying and evaluating entity-specific risk, as well as how to help enterprises accomplish business objectives by designing, implementing, monitoring and maintaining risk-based, efficient and effective information systems controls.

You’ll leave fully prepared to earn your CRISC, one of the most in-demand certifications a risk professional can achieve.

What you'll learn

This boot camp prepares you to pass the ISACA CRISC exam, which covers four domain areas designed to reflect the work performed by IT risk professionals:

Domain 1: Governance
Domain 2: IT risk assessment
Domain 3: Risk response and reporting
Domain 4: Information technology security

You will also learn how to:

Identify risks related to an organization’s internal and external business and IT environments
Identify potential threats and vulnerabilities to the organization’s people, processes and technology
Develop and analyze IT risk scenarios to determine potential impact
Identify the effectiveness of existing controls
Identify key stakeholders and assign risk ownership
Communicate results of risk assessments
Consult with risk owners on the design and implementation of mitigating controls
Define and establish data-driven key risk indicators
Monitor changes in risk indicators
Report risk indicator changes to key stakeholders
Analyze risk indicators to determine the effectiveness of existing controls

Who should attend

IT and risk professionals
Business analysts
Project managers
Compliance professionals
Anyone tasked with identifying, evaluating and mitigating organizational risk

Prerequisites

There are no prerequisites to take the exam. However, in order to apply for certification you must meet the necessary experience requirements as determined by ISACA: a minimum of three years of cumulative work experience performing the tasks of a CRISC professional across two of the four CRISC domains. Of these two required domains, one must be in either domain 1 or 2 (risk identification or assessment).

Everything you need to earn your CRISC

Exam Pass Guarantee
100% Satisfaction Guarantee
ISACA CRISC exam voucher
Digital copy of ISACA Official Review Manual
3 days live, expert CRISC instruction (available in-person or online)
12-month subscription to the ISACA Official Question, Answer & Explanation (QAE) Database
CRISC Boot Camp prep course
90-day extended access to recordings of daily lessons
100s of additional hands-on courses and labs
Knowledge Transfer Guarantee

View Pricing

Exam Pass Guarantee

We guarantee you’ll pass your exam on the first attempt. Learn more.

CRISC training schedule

Infosec’s CRISC training is more than just a boot camp. We support you before, during and after your live training to ensure you’re fully prepared for your exam — and get certified on your first attempt.

Before your boot camp
- Start learning now. You’ll get immediate access to all the content in Infosec Skills, including an in-depth CRISC prep course, the moment you enroll. Prepare for your live boot camp, uncover your knowledge gaps and maximize your training experience.
During your boot camp
- Domain 1 – Governance
  Organizational Governance A
  
  Organizational strategy, goals and objectives
  
  Organizational structure, roles and responsibilities
  
  Organizational culture
  
  Policies and standards
  
  Business processes
  
  Organizational assets
  
  Risk Governance B
  
  Enterprise risk management and risk management framework
  
  Three lines of defense
  
  Risk profile
  
  Risk appetite and risk tolerance
  
  Legal, regulatory and contractual requirements
  
  Professional ethics of risk management
  
  Domain 2 – IT Risk Assessment
  IT Risk Identification A
  
  Risk events (e.g., contributing conditions, loss result)
  
  Threat modeling and threat landscape
  
  Vulnerability and control deficiency analysis (e.g., root cause analysis)
  
  Risk scenario development
  
  IT Risk Analysis and Evaluation B
  
  Risk assessment concepts, standards and frameworks
  
  Risk register
  
  Risk analysis methodologies
  
  Business impact analysis
  
  Inherent and residual risk
  
  Domain 3 – Risk Response and Reporting
  Risk Response A
  
  Risk treatment / risk response options
  
  Risk and control ownership
  
  Third-party risk management
  
  Issue, finding and exception management
  
  Management of emerging risk
  
  Control Design and Implementation B
  
  Control types, standards and frameworks
  
  Control design, selection and analysis
  
  Control implementation
  
  Control testing and effectiveness evaluation
  
  Risk Monitoring and Reporting C
  
  Risk treatment plans
  
  Data collection, aggregation, analysis and validation
  
  Risk and control monitoring techniques
  
  Risk and control reporting techniques (heatmap, scorecards and dashboards)
  
  Key performance indicators
  
  Key risk indicators (KRIs)
  
  Key control indicators (KCIs)
  
  Domain 4 – Information Technology and Security
  Information Technology Principles A
  
  Enterprise architecture
  
  IT operations management (e.g., change management, IT assets, problems and incidents)
  
  Project management
  
  Disaster recovery management (DRM)
  
  Data lifecycle management
  
  System development life cycle (SDLC)
  
  Emerging technologies
  
  Information Security Principles B
  
  Information security concepts, frameworks and standards
  
  Information security awareness training
  
  Business continuity management
  
  Data privacy and data protection principles
After your boot camp
- Your Infosec Skills access extends 90 days past your boot camp, so you can take additional time to prepare for your CRISC exam, get a head start on your next certification goal or start earning CPEs.

Free CRISC training resources

CRISC Resource Hub

Explore our CRISC resource hub to learn all about the Security+, including exam information, study resources, salary data, job outlook and more.

See Resources

ISACA career kit

Salaries for ISACA certification holders range from $103,000 to $133,000. Download the ISACA career kit to find out which cert is right for you.

Download

Get started in cybersecurity: Beginner tips, certifications and career paths

Learn where a career in cybersecurity can take you in this on-demand webinar with Keatron Evans, Infosec instructor and cybersecurity professional. Keatron shares tips for individuals first starting out in the industry or looking to change their career path.

Listen Now

Enroll in a boot camp

See additional dates