Course
CRISC Domain 4: Information technology and security
CRISC Module 4 covers ISACA CRISC Domain 4, including principles of both information technology and information security.
Course description
CRISC Domain 4 covers information technology and security and dives into such topics as enterprise architecture; IT operations management; project management; disaster recovery management (DRM); data life cycle management; system development life cycle (SDLC); emerging technologies and more.
Syllabus
Domain 4: Information technology and security activity book
File - 00:10:00
The activity book consolidates all of the activities discussed in Domain 4.
Domain 4: Information technology and security participant guide
File - 00:10:00
This participant guide includes the various slides that the instructor presented in the videos for Domain 4 so that participants can review the main ideas, as well as relevant charts, graphics, questions and activities.
Domain 4: Information technology and security pre-reading materials
File - 00:10:00
The pre-reading document provides notes and definitions for terms used in the videos for Domain 4.
Domain 4: Information technology and security course summary
Video - 00:02:00
A short summary of Domain 4, reviewing the main areas of focus related to information technology and security discussed in the preceding videos.
Data privacy and data protection principles
Video - 00:11:00
This video introduces the legislation and rules that apply to data privacy and protection in various countries, how to stay current on the latest regulations and key concepts of data privacy.
Information security awareness training
Video - 00:09:00
In this video, the discussion includes the benefits and risks of user familiarity with technology and creating effective information security awareness training.
Information security concepts, frameworks and standards
Video - 01:11:00
This video does a deep dive into the principles, frameworks and standards that govern information security and following the CIA Triad (confidentiality, integrity and availability). Topics include system ownership, strategy, legacy systems, segregation of duties, cross-training and job rotation, access control, authentication methods, isolation, encryption, digital signatures, certificates and cryptography.
Emerging trends in technology
Video - 00:18:00
Emerging technologies may help an enterprise with a variety of tasks, but this video focuses on the need to balance the use of new technologies with the potential risks of new technologies.
System development life cycle
Video - 00:11:00
In this video, the focus is on the system development life cycle (SDLC) for risk management, which includes initiation, development, implementation, maintenance and disposal. The video discusses management tasks within the SDLC and what happens when the plan fails.
Data life cycle management
Video - 00:18:00
This video explores the management of the data life cycle, which includes the creation, storage, use, sharing, archiving and destruction of data. It also covers how to determine the level of protection needed and data loss prevention.
Enterprise resiliency
Video - 00:25:00
With threats being a constant in the IT and IS fields, this video discusses resiliency within the enterprise; the creation of a business continuity plan (BCP), beginning with the business Impact Assessment (BIA); and disaster recovery if an unplanned event occurs.
Project management
Video - 00:26:00
In this video on project management in the information technology and security fields, the focus is on the 4 steps of project management: initiation, planning, execution and closeout. It also discusses PM methodologies, project failure and response, system testing and the consequences of poor management.
IT operations management
Video - 01:12:00
In this video, the instructor explores IT operations management, including supply chain management, IT and networking components, TCP/IP stacks, various network topologies, configuration management, software hardening, virtualization, updating the risk register and cloud computing.
Enterprise architecture
Video - 00:19:00
This video introduces the concept of enterprise architecture, a process that includes examination, evaluation and adjustment, as well as maturity models and alternatives and the guidance components for a framework: organization, documentation, notation and process.
Introduction to Domain 4: Information technology and security
Video - 00:05:00
This introduction to Domain 4 notes the weight of the domain on the exam (22%), provides the outline for the coursework and details the learning objectives for Domain 4: Information Technology and Security.
ISACA overview of Domain 4: Information technology and security
Video - 00:02:00
A brief overview of the ISACA CRISC coursework and exam for Domain 4: Information Technology and Security
Unlock 7 days of free training
- 1,400+ hands-on courses and labs
- Certification practice exams
- Skill assessments
Plans & pricing
Infosec Skills Personal
$299 / year
- 190+ role-guided learning paths (e.g., Ethical Hacking, Threat Hunting)
- 100s of hands-on labs in cloud-hosted cyber ranges
- Custom certification practice exams (e.g., CISSP, Security+)
- Skill assessments
- Infosec peer community support
Infosec Skills Teams
$799 per license / year
- Team administration and reporting
- Dedicated client success manager
-
Single sign-on (SSO)
Easily authenticate and manage your learners by connecting to any identity provider that supports the SAML 2.0 standard.
-
Integrations via API
Retrieve training performance and engagement metrics and integrate learner data into your existing LMS or HRS.
- 190+ role-guided learning paths and assessments (e.g., Incident Response)
- 100s of hands-on labs in cloud-hosted cyber ranges
- Create and assign custom learning paths
- Custom certification practice exams (e.g., CISSP, CISA)
- Optional upgrade: Guarantee team certification with live boot camps
Award-winning training you can trust
