-
Domain 3: Risk response and reporting pre-reading materials
-
-
Domain 3: Risk response and reporting participant guide
-
-
Domain 3: Risk response and reporting activity book
-
-
Domain 3: Supplemental materials
-
-
ISACA overview of Domain 3: Risk response and reporting
-
A brief overview of the ISACA CRISC coursework and exam for Domain 3: Risk Response and Reporting.
-
-
Introduction to Domain 3: Risk response and reporting
-
This introduction to Domain 3 notes the weight of the domain on the exam (32%) and provides the outline for the coursework and learning objectives for Domain 3: Risk Response and Reporting.
-
-
Risk and control ownership
-
This video starts with an overview of risk response, then details risk control and the ownership and accountability for various roles within an organization.
-
-
Risk treatment/risk response options
-
This video describes how organizations must align their risk response to their business objectives and how to choose one or more of the four options for responding to risk: acceptance, mitigation, sharing and avoidance.
-
-
Managing risk from processes, third parties and emergent sources
-
This video details how risk can be managed when third parties are involved, new processes are implemented or emerging technologies are utilized.
-
-
Control types, standards and frameworks
-
This video describes various control types, as well as the standards and frameworks that are essential for the risk practitioner to know.
-
-
Control design, selection and analysis
-
In this video, we discuss how to use control testing and incident management programs to assess the current state of risk and how to design, select and adjust to maintain the best risk controls.
-
-
Control testing, implementation and effectiveness evaluation
-
This video begins with an overview of control testing, then delves into control implementation, review of implementation for lessons learned, control management procedures, various options for testing and best practices for testing.
-
-
Risk treatment plans
-
Risk treatment plans for monitoring and reporting, the risk response process and risk mitigation are all covered in this course.
-
-
Data collection, aggregation, analysis and validation
-
In this video, learn how to collect, aggregate, analyze and validate data by using a variety of tools and data logs.
-
-
Risk and control monitoring and reporting techniques
-
This video details methods and sources to help the risk practitioner with monitoring and reporting risks and assessing the effectiveness of various controls, such as heatmaps, scorecards and dashboards.
-
-
Performance, risk and control metrics
-
This video covers the metrics for determining risk controls effectiveness and provides details on metrics such as key performance indicators (KPIs), key risk indicators (KRIs) and key control indicators (KCIs).
-
-
Domain 3: Risk response and reporting course summary
-
A short summary of Domain 3, reviewing the main areas covered in the preceding videos on IT risk response and reporting.
-
Syllabus
Syllabus
Course description
CRISC Domain 3 covers risk treatment and response options and dives into such topics as risk and control ownership, third-party risk management, emerging risk, control design and implementation, control types, standards and frameworks, control design, sel


Meet the author
At Infosec, we believe knowledge is the most powerful tool in the fight against cybercrime. We help IT and security professionals advance their careers with a full regimen of certification and skills training. We also empower all employees with security awareness training to stay cybersecure at work and home. Driven by smart people wanting to do good, Infosec educates entire organizations on how to defend themselves from cybercrime. That’s what we do every day — equipping everyone with the latest security skills so the good guys win.
You're in good company
We use Infosec Skills to provide continuous training to our technicians and to prepare them for various certifications. Infosec Skills allows us to create personalized training programs that focus on each of our technicians’ particular roles and see their progress as they take courses. We also, recommend it to clients to make their IT support teams better.
Caleb Yankus
This has been utilized to bridge the skills gap across our cyber team and to aid them as they prepare for their various certifications. It also has provided a nice learning foundation for our various cyber team members to utilize as we continue to find ways for cross-utilization with operations while minimizing the downtime needed to ensure everyone’s knowledge is the same.
Daniel Simpson
We use Infosec Skills to provide base level knowledge for employees. We also use the services to provide in depth learning for employees as they encounter new technologies. If an employee is is assigned to a new project, we can rely on Infosec Skills to provide a rapid concentrated learning environment. This rapid concentrated learning positions our employees for success.
Infosec Skills Teams client
Plans & pricing
-
Infosec Skills Personal
- 190+ role-guided learning paths (e.g., Ethical Hacking, Threat Hunting)
- 100s of hands-on labs in cloud-hosted cyber ranges
- Custom certification practice exams (e.g., CISSP, Security+)
- Skill assessments
- Infosec peer community support
-
Infosec Skills Teams
- Team administration and reporting
- Dedicated client success manager
-
Single sign-on (SSO)
Easily authenticate and manage your learners by connecting to any identity provider that supports the SAML 2.0 standard.
-
Integrations via API
Retrieve training performance and engagement metrics and integrate learner data into your existing LMS or HRS.
- 190+ role-guided learning paths and assessments (e.g., Incident Response)
- 100s of hands-on labs in cloud-hosted cyber ranges
- Create and assign custom learning paths
- Custom certification practice exams (e.g., CISSP, CISA)
- Optional upgrade: Guarantee team certification with live boot camps
Unlock 7 days of free training
- 1,400+ hands-on courses and labs
- Certification practice exams
- Skill assessments
Award-winning training that you can trust




