Next boot camp starts soon. Enroll now.

ISACA CRISC Training Boot Camp

Transform your career in 3 days

A Certified in Risk and Information Systems Control (CRISC) certification is one of the most in-demand qualifications for risk professionals. Our CRISC training program prepares you to identify and evaluate entity-specific risk. Hone your skills and impress your organization by achieving business objectives through designing, implementing, monitoring and maintaining risk-based information systems controls. With our expert instructors and hands-on approach, you become an effective leader who understands and articulates business risk environments.

 

4.10 (518 ratings)

View Pricing
Affirm Financing available
Exam Pass Guarantee

Course essentials

Boot camp at a glance

  • Method

    Live online, in-person, onsite

  • Duration

    3 days

  • Experience

    3+ years

  • Average salary

    $151,000

  • Meets 8570.1

    DoD information assurance requirements

Ready to discuss your training goals? We've got you covered.

Complete the form and book a meeting with a member of our team to explore your learning opportunities.

This is where the error message would go.

Step 1

Finish

Thanks! We look forward to meeting with you!

Book a Meeting

What you'll learn

Training overview

Exam Pass Guarantee

This immersive CRISC Boot Camp prepares you to pass the ISACA CRISC exam, which covers four domain areas that reflect the work performed by IT risk professionals:

  • Governance: Focuses on the organizational groundwork needed to set up successful IS controls. It covers company strategy, goals and objectives; structure, roles and responsibilities; culture, policies and standards and more.
  • IT risk assessment: Focuses on the contributing conditions of risk events, threat modeling, root cause analysis and more.
  • Risk response and reporting: Focuses on risk treatment plans and risk management, giving you a solid foundation for monitoring, control and reporting techniques and knowing key performance, risk and control indicators.
  • Information technology and security: Focuses on IT operations, disaster recovery, project management, data lifecycle management, business continuity management and more.
Learn More

ISACA Accredited Training Organization (ATO)

Infosec is one of a select number of ISACA accredited Elite+ Partners in the world. When you enroll in an Infosec CISM Boot Camp, you can rest assured you are receiving the most effective and up-to-date certification prep available, including official ISACA training materials and instruction that has been independently assessed to meet ISACA’s quality standards.

Award-winning training you can trust

What's included

Everything you need to know

Certification Logo
  • 90-day extended access to Boot Camp components, including class recordings
  • 12-Month subscription to the ISACA Official Question, Answer & Explanation (QAE) database
  • 100% Satisfaction Guarantee
  • Exam Pass Guarantee
  • Exam voucher
  • Free 90-day Infosec Skills subscription (access to 1,400+ additional courses and labs)
  • Knowledge Transfer Guarantee
  • Pre-study learning path
  • Unlimited practice exam attempts
View Pricing

What makes the Infosec CRISC prep course different?

You can rest assured that the CRISC training materials are fully updated and synced with the latest version of the exam. In addition, you’ll gain access to a CRISC prep course the moment you enroll, so you can prepare for and get the most out of your boot camp.

 

With 20 years of training experience, we stand by our CRISC training with an Exam Pass Guarantee. This means if you don’t pass the exam on the first attempt, we’ll pay for your second exam at no additional cost to you!

Learn More

Before your boot camp

Prerequisites

There are no prerequisites to take the CRISC certification exam. However, aspiring candidates must have:

  • Three cumulative years of work experience in IT risk management and information systems control to apply for certification

There are no substitutions or experience waivers for this particular ISACA credential. Learn more about the CRISC prerequisites and conditions set by ISACA.

Enroll Now

Syllabus

Training schedule

Preparation (before the boot camp starts)
Infosec Skills 90 day subscription logo

CRISC prep course

Day 1
Morning session

Introduction to CRISC exam and preparation methodology

Afternoon session

Governance

Organizational Governance A

  • Organizational strategy, goals and objectives
  • Organizational structure, roles and responsibilities
  • Organizational culture
  • Policies and standards
  • Business processes
  • Organizational assets

Risk Governance B

  • Enterprise risk management and risk management framework
  • Three lines of defense
  • Risk profile
  • Risk appetite and risk tolerance
  • Legal, regulatory and contractual requirements
  • Professional ethics of risk management
Evening session

Optional group & individual study

Schedule may vary from class to class

Day 2
Morning session

IT Risk Assessment

IT Risk Identification A

  • Risk events (e.g., contributing conditions, loss result)
  • Threat modeling and threat landscape
  • Vulnerability and control deficiency analysis (e.g., root cause analysis)
  • Risk scenario development

IT Risk Analysis and Evaluation B

  • Risk assessment concepts, standards and frameworks
  • Risk register
  • Risk analysis methodologies
  • Business impact analysis
  • Inherent and residual risk
Afternoon session

Risk Response and Reporting

Risk Response A

  • Risk treatment and risk response options
  • Risk and control ownership
  • Third-party risk management
  • Issue, finding and exception management
  • Management of emerging risk

Control Design and Implementation B

  • Control types, standards and frameworks
  • Control design, selection and analysis
  • Control implementation
  • Control testing and effectiveness evaluation

Risk Monitoring and Reporting C

  • Risk treatment plans
  • Data collection, aggregation, analysis and validation
  • Risk and control monitoring techniques
  • Risk and control reporting techniques (heatmap, scorecards and dashboards)
  • Key performance indicators
  • Key risk indicators (KRIs)
  • Key control indicators (KCIs)
Evening session

Optional group & individual study

Schedule may vary from class to class

Day 3
Morning session

Risk Response and Reporting continued

Afternoon session

Information Technology and Security

Information Technology Principles A

  • Enterprise architecture
  • IT operations management (e.g., change management, IT assets, problems and incidents)
  • Project management
  • Disaster recovery management (DRM)
  • Data lifecycle management
  • System development life cycle (SDLC)
  • Emerging technologies

Information Security Principles B

  • Information security concepts, frameworks and standards
  • Information security awareness training
  • Business continuity management
  • Data privacy and data protection principles
Evening session

Optional group & individual study

Schedule may vary from class to class

Download Full Syllabus

Guaranteed results

Our boot camp guarantees

Exam Pass Guarantee

If you don’t pass your exam on the first attempt, get a second attempt for free. Includes the ability to re-sit the course for free for up to one year (does not apply to CMMC-AB boot camps).

100% Satisfaction Guarantee

If you’re not 100% satisfied with your training at the end of the first day, you may withdraw and enroll in a different online or in-person course.

Knowledge Transfer Guarantee

If an employee leaves within three months of obtaining certification, Infosec will train a different employee at the same organization tuition-free for up to one year.

View Pricing

Unlock team training discounts

If you’re like many of our clients, employee certification is more than a goal — it’s a business requirement. Connect with our team to learn more about our training discounts.

Request Team Pricing

FAQ

Frequently asked questions

Why is certification important to an IT risk and control career?
IT risk and control professionals often seek certification to hone their skills and prove their legitimacy among peers. Professional development is a key motivator for CRISC candidates who wish to implement effective and risk-based information system controls for their organizations.
What qualifies as IT risk and control experience?
ISACA states that work experience must be related to at least two of the four domains to qualify for the certification. At least one of these domains must be either domain 1 or domain 2. Read our article to learn more about the CRISC experience requirements.
How is the CRISC certification different from other comparable security certifications?
The CRISC is for IT professionals — specifically individuals that perform risk management and implement internal controls. The closest certification to the CRISC is probably IIA’s CRMA certification, which is more oriented towards internal auditors, specifically those assessing risk management processes.
How does the CRISC examination process work?
The CRISC exam is a 150 question, multiple choice test that must be completed in a timeframe of four hours. It is scored on a scale of 200 to 800, with 450 points being the minimum passing score. Click here for more exam information.
How long is the CRISC certification valid after you pass the test, and what are the renewal requirements?
Like other ISACA certifications, the CRISC is valid for three years after you pass the exam. However, certain terms must be met. An annual maintenance fee must be paid, and CRISC holders must participate in ISACA’s CPE (Continuing Professional Education) program, reporting 20 CPE hours annually and 120 CPE hours across the three-year period. For more renewal information, read our article on CRISC renewal requirements.

You're in good company

EH

The instructor was able to take material that prior to the class had made no sense, and explained it in real world scenarios that were able to be understood.

Erik Heiss, United States Air Force

MJ

I really appreciate that our instructor was extremely knowledgeable and was able to provide the information in a way that it could be understood. He also provided valuable test-taking strategies that I know not only helped me with this exam, but will help in all exams I take in the future.

Michelle Jemmott, Pentagon

RC

The course was extremely helpful and provided exactly what we needed to know in order to successfully navigate the exam. Without this I am not confident I would have passed.

Robert Caldwell, Salient Federal Solutions

Enroll in a boot camp

December 18, 2023 - December 20, 2023

Online only

Book Now

March 26, 2024 - March 28, 2024

Online only

Book Now

May 29, 2024 - May 31, 2024

Online only

Book Now

July 01, 2024 - July 03, 2024

Online only

Book Now

September 04, 2024 - September 06, 2024

Online only

Book Now

Explore our top boot camps

More learning opportunities

Most popular

CompTIA Security+ Training Boot Camp Boot camp

CompTIA Security+ Training Boot Camp

This five-day boot camp equips you with the knowledge and hands-on exercises needed to get CompTIA Security+ certified. Infosec’s Security+ Training Boot Camps are led by cybersecurity experts that will teach you everything you need to know to pass the Security+ exam — guaranteed. Infosec is an authorized training partner of CompTIA, and our training has won numerous awards, including the CompTIA Outstanding Partner Award.
Learn More

#1 FOR BEGINNERS

Cisco CCNA Associate & CyberOps Associate Training Boot Camp with Dual Certification Boot camp

Cisco CCNA Associate & CyberOps Associate Training Boot Camp with Dual Certification

This Cisco CCNA Associate & CyberOps Associate Training Boot Camp with Dual Certification is designed to enhance network engineers’ and administrators’ skills with comprehensive knowledge of Cisco router and switch configuration. By enrolling in our boot camp, you gain hands-on experience, practical skills and the preparation needed to earn two valuable Cisco certifications.
Learn More

Most requested

(ISC)² CISSP® Training Boot Camp Boot camp

(ISC)² CISSP® Training Boot Camp

Our CISSP Boot Camp is designed to tackle the ever-evolving challenges of information security, and our intensive program provides you with the skills needed to excel. We cover the broad range of knowledge required for the CISSP certification and fully prepare you to pass the CISSP exam.

Learn More