-
Domain 4: Information technology and security pre-reading materials
-
-
Domain 4: Information technology and security participant guide
-
This participant guide includes the various slides that the instructor presented in the videos for Domain 4 so that participants can review the main ideas, as well as relevant charts, graphics, questions and activities.
-
-
Domain 4: Information technology and security activity book
-
The activity book consolidates all of the activities discussed in Domain 4.
-
-
ISACA overview of Domain 4: Information technology and security
-
A brief overview of the ISACA CRISC coursework and exam for Domain 4: Information Technology and Security
-
-
Introduction to Domain 4: Information technology and security
-
This introduction to Domain 4 notes the weight of the domain on the exam (22%), provides the outline for the coursework and details the learning objectives for Domain 4: Information Technology and Security.
-
-
Enterprise architecture
-
This video introduces the concept of enterprise architecture, a process that includes examination, evaluation and adjustment, as well as maturity models and alternatives and the guidance components for a framework: organization, documentation, notation an
-
-
IT operations management
-
In this video, the instructor explores IT operations management, including supply chain management, IT and networking components, TCP/IP stacks, various network topologies, configuration management, software hardening, virtualization, updating the risk re
-
-
Project management
-
In this video on project management in the information technology and security fields, the focus is on the 4 steps of project management: initiation, planning, execution and closeout. It also discusses PM methodologies, project failure and response, syste
-
-
Enterprise resiliency
-
With threats being a constant in the IT and IS fields, this video discusses resiliency within the enterprise; the creation of a business continuity plan (BCP), beginning with the business Impact Assessment (BIA); and disaster recovery if an unplanned even
-
-
Data life cycle management
-
This video explores the management of the data life cycle, which includes the creation, storage, use, sharing, archiving and destruction of data. It also covers how to determine the level of protection needed and data loss prevention.
-
-
System development life cycle
-
In this video, the focus is on the system development life cycle (SDLC) for risk management, which includes initiation, development, implementation, maintenance and disposal. The video discusses management tasks within the SDLC and what happens when the p
-
-
Emerging trends in technology
-
Emerging technologies may help an enterprise with a variety of tasks, but this video focuses on the need to balance the use of new technologies with the potential risks of new technologies.
-
-
Information security concepts, frameworks and standards
-
This video does a deep dive into the principles, frameworks and standards that govern information security and following the CIA Triad (confidentiality, integrity and availability). Topics include system ownership, strategy, legacy systems, segregation of
-
-
Information security awareness training
-
In this video, the discussion includes the benefits and risks of user familiarity with technology and creating effective information security awareness training.
-
-
Data privacy and data protection principles
-
This video introduces the legislation and rules that apply to data privacy and protection in various countries, how to stay current on the latest regulations and key concepts of data privacy.
-
-
Domain 4: Information technology and security course summary
-
A short summary of Domain 4, reviewing the main areas of focus related to information technology and security discussed in the preceding videos.
-
Syllabus
Syllabus
Course description
CRISC Domain 4 covers information technology and security and dives into such topics as enterprise architecture; IT operations management; project management; disaster recovery management (DRM); data life cycle management; system development life cycle (SDLC); emerging technologies and more.


Meet the author
At Infosec, we believe knowledge is the most powerful tool in the fight against cybercrime. We help IT and security professionals advance their careers with a full regimen of certification and skills training. We also empower all employees with security awareness training to stay cybersecure at work and home. Driven by smart people wanting to do good, Infosec educates entire organizations on how to defend themselves from cybercrime. That’s what we do every day — equipping everyone with the latest security skills so the good guys win.
You're in good company
We use Infosec Skills to provide continuous training to our technicians and to prepare them for various certifications. Infosec Skills allows us to create personalized training programs that focus on each of our technicians’ particular roles and see their progress as they take courses. We also, recommend it to clients to make their IT support teams better.
Caleb Yankus
This has been utilized to bridge the skills gap across our cyber team and to aid them as they prepare for their various certifications. It also has provided a nice learning foundation for our various cyber team members to utilize as we continue to find ways for cross-utilization with operations while minimizing the downtime needed to ensure everyone’s knowledge is the same.
Daniel Simpson
We use Infosec Skills to provide base level knowledge for employees. We also use the services to provide in depth learning for employees as they encounter new technologies. If an employee is is assigned to a new project, we can rely on Infosec Skills to provide a rapid concentrated learning environment. This rapid concentrated learning positions our employees for success.
Infosec Skills Teams client
Plans & pricing
-
Infosec Skills Personal
- 190+ role-guided learning paths (e.g., Ethical Hacking, Threat Hunting)
- 100s of hands-on labs in cloud-hosted cyber ranges
- Custom certification practice exams (e.g., CISSP, Security+)
- Skill assessments
- Infosec peer community support
-
Infosec Skills Teams
- Team administration and reporting
- Dedicated client success manager
-
Single sign-on (SSO)
Easily authenticate and manage your learners by connecting to any identity provider that supports the SAML 2.0 standard.
-
Integrations via API
Retrieve training performance and engagement metrics and integrate learner data into your existing LMS or HRS.
- 190+ role-guided learning paths and assessments (e.g., Incident Response)
- 100s of hands-on labs in cloud-hosted cyber ranges
- Create and assign custom learning paths
- Custom certification practice exams (e.g., CISSP, CISA)
- Optional upgrade: Guarantee team certification with live boot camps
Unlock 7 days of free training
- 1,400+ hands-on courses and labs
- Certification practice exams
- Skill assessments
Award-winning training that you can trust




