-
CRISC Domain 1: Governance pre-reading materials
-
-
Domain 1: Governance participant guide
-
-
Domain 1: Governance activity book
-
-
Domain 1: supplemental materials
-
-
Introduction to CRISC Domain 1: Governance
-
This introduction details the outline for the entire learning path and Domain 1, noting the weight of Domain 1 on the exam (26%) and providing the course outline and learning objectives for Domain 1: Governance.
-
-
Key risk concepts
-
This video discusses key risk terms and concepts, such as likelihood, event, and impact, setting the context for risk in an enterprise and quantifying risk.
-
-
Organizational strategy, goals and objectives
-
This video introduces organizational strategy, goals and objectives; compares governance to management; discusses the benefits of IT management; outlines risk practitioner goals and the IT risk management life cycle; and explains various types of business
-
-
Organizational structure, roles and responsibilities
-
This video describes organizational structure, defines the roles and responsibilities for risk management and details the RACI model that determines who is responsible for, accountable for, consulted about and informed of risks within an organization.
-
-
Organizational culture and assets
-
This video describes the organizational culture as related to risk, including risk awareness programs and communication about risks, and explains how to determine, inventory and evaluate what assets may be affected by risk.
-
-
Policies, standards, and business process review
-
This video delves into risk policies, standards, procedures and principles, as well as the purpose of and steps involved in business process review of risk.
-
-
Risk governance overview
-
This video gives an overview of risk governance, including the four key objectives of risk governance.
-
-
Enterprise risk management, risk management frameworks and three lines of defense
-
This video dives into enterprise risk management, including risk management standards and frameworks, as well as the three lines of defense: operational management, organizational compliance with the risk standards and auditing.
-
-
Risk profile, risk appetite and risk tolerance
-
This video discusses the risk profile, appetite and tolerance of the organization, which is based on the IT risk management objectives and goals for the organization and its culture.
-
-
Professional ethics, laws, regulations and contracts
-
This video discusses the the ethics of risk management, as well as the legal and organizational rules and regulations that define risk management.
-
-
Domain 1: Governance course summary
-
A short summary of Domain 1, regarding the various angles of governance discussed in the preceding videos.
-
-
ISACA overview of Domain 1: Governance
-
A brief overview of the ISACA CRISC coursework and exam for Domain 1: Governance.
-
Syllabus
Syllabus
Course description
CRISC Domain 1 covers both organizational governance and risk governance, and dives into such topics as such as organizational strategy, structure and culture, policies and standards, business processes, organizational assets, enterprise risk management a
Meet the author
At Infosec, we believe knowledge is the most powerful tool in the fight against cybercrime. We help IT and security professionals advance their careers with a full regimen of certification and skills training. We also empower all employees with security awareness training to stay cybersecure at work and home. Driven by smart people wanting to do good, Infosec educates entire organizations on how to defend themselves from cybercrime. That’s what we do every day — equipping everyone with the latest security skills so the good guys win.
You're in good company
We use Infosec Skills to provide continuous training to our technicians and to prepare them for various certifications. Infosec Skills allows us to create personalized training programs that focus on each of our technicians’ particular roles and see their progress as they take courses. We also, recommend it to clients to make their IT support teams better.
Caleb Yankus
This has been utilized to bridge the skills gap across our cyber team and to aid them as they prepare for their various certifications. It also has provided a nice learning foundation for our various cyber team members to utilize as we continue to find ways for cross-utilization with operations while minimizing the downtime needed to ensure everyone’s knowledge is the same.
Daniel Simpson
We use Infosec Skills to provide base level knowledge for employees. We also use the services to provide in depth learning for employees as they encounter new technologies. If an employee is is assigned to a new project, we can rely on Infosec Skills to provide a rapid concentrated learning environment. This rapid concentrated learning positions our employees for success.
Infosec Skills Teams client
Plans & pricing
-
Infosec Skills Personal
- 190+ role-guided learning paths (e.g., Ethical Hacking, Threat Hunting)
- 100s of hands-on labs in cloud-hosted cyber ranges
- Custom certification practice exams (e.g., CISSP, Security+)
- Skill assessments
- Infosec peer community support
-
Infosec Skills Teams
- Team administration and reporting
- Dedicated client success manager
-
Single sign-on (SSO)
Easily authenticate and manage your learners by connecting to any identity provider that supports the SAML 2.0 standard.
-
Integrations via API
Retrieve training performance and engagement metrics and integrate learner data into your existing LMS or HRS.
- 190+ role-guided learning paths and assessments (e.g., Incident Response)
- 100s of hands-on labs in cloud-hosted cyber ranges
- Create and assign custom learning paths
- Custom certification practice exams (e.g., CISSP, CISA)
- Optional upgrade: Guarantee team certification with live boot camps
Unlock 7 days of free training
- 1,400+ hands-on courses and labs
- Certification practice exams
- Skill assessments
Award-winning training that you can trust
