CRISC Domain 4: Information technology and security Course

CRISC Module 4 covers ISACA CRISC Domain 4, including principles of both information technology and information security.

5 hours, 19 minutes

Course description

CRISC Domain 4 covers information technology and security and dives into such topics as enterprise architecture; IT operations management; project management; disaster recovery management (DRM); data life cycle management; system development life cycle (SDLC); emerging technologies and more.


Domain 4: Information technology and security activity book

File - 00:10:00

The activity book consolidates all of the activities discussed in Domain 4.
Domain 4: Information technology and security participant guide

File - 00:10:00

This participant guide includes the various slides that the instructor presented in the videos for Domain 4 so that participants can review the main ideas, as well as relevant charts, graphics, questions and activities.
Domain 4: Information technology and security pre-reading materials

File - 00:10:00

The pre-reading document provides notes and definitions for terms used in the videos for Domain 4.
Domain 4: Information technology and security course summary

Video - 00:02:00

A short summary of Domain 4, reviewing the main areas of focus related to information technology and security discussed in the preceding videos.
Data privacy and data protection principles

Video - 00:11:00

This video introduces the legislation and rules that apply to data privacy and protection in various countries, how to stay current on the latest regulations and key concepts of data privacy.
Information security awareness training

Video - 00:09:00

In this video, the discussion includes the benefits and risks of user familiarity with technology and creating effective information security awareness training.
Information security concepts, frameworks and standards

Video - 01:11:00

This video does a deep dive into the principles, frameworks and standards that govern information security and following the CIA Triad (confidentiality, integrity and availability). Topics include system ownership, strategy, legacy systems, segregation of duties, cross-training and job rotation, access control, authentication methods, isolation, encryption, digital signatures, certificates and cryptography.
Emerging trends in technology

Video - 00:18:00

Emerging technologies may help an enterprise with a variety of tasks, but this video focuses on the need to balance the use of new technologies with the potential risks of new technologies.
System development life cycle

Video - 00:11:00

In this video, the focus is on the system development life cycle (SDLC) for risk management, which includes initiation, development, implementation, maintenance and disposal. The video discusses management tasks within the SDLC and what happens when the plan fails.
Data life cycle management

Video - 00:18:00

This video explores the management of the data life cycle, which includes the creation, storage, use, sharing, archiving and destruction of data. It also covers how to determine the level of protection needed and data loss prevention.
Enterprise resiliency

Video - 00:25:00

With threats being a constant in the IT and IS fields, this video discusses resiliency within the enterprise; the creation of a business continuity plan (BCP), beginning with the business Impact Assessment (BIA); and disaster recovery if an unplanned event occurs.
Project management

Video - 00:26:00

In this video on project management in the information technology and security fields, the focus is on the 4 steps of project management: initiation, planning, execution and closeout. It also discusses PM methodologies, project failure and response, system testing and the consequences of poor management.
IT operations management

Video - 01:12:00

In this video, the instructor explores IT operations management, including supply chain management, IT and networking components, TCP/IP stacks, various network topologies, configuration management, software hardening, virtualization, updating the risk register and cloud computing.
Enterprise architecture

Video - 00:19:00

This video introduces the concept of enterprise architecture, a process that includes examination, evaluation and adjustment, as well as maturity models and alternatives and the guidance components for a framework: organization, documentation, notation and process.
Introduction to Domain 4: Information technology and security

Video - 00:05:00

This introduction to Domain 4 notes the weight of the domain on the exam (22%), provides the outline for the coursework and details the learning objectives for Domain 4: Information Technology and Security.
ISACA overview of Domain 4: Information technology and security

Video - 00:02:00

A brief overview of the ISACA CRISC coursework and exam for Domain 4: Information Technology and Security

Unlock 7 days of free training

  • 1,400+ hands-on courses and labs
  • Certification practice exams
  • Skill assessments

Plans & pricing

Infosec Skills Personal

$299 / year

  • 190+ role-guided learning paths (e.g., Ethical Hacking, Threat Hunting)
  • 100s of hands-on labs in cloud-hosted cyber ranges
  • Custom certification practice exams (e.g., CISSP, Security+)
  • Skill assessments
  • Infosec peer community support

Infosec Skills Teams

$799 per license / year

  • Team administration and reporting
  • Dedicated client success manager
  • Single sign-on (SSO)
    Easily authenticate and manage your learners by connecting to any identity provider that supports the SAML 2.0 standard.
  • Integrations via API
    Retrieve training performance and engagement metrics and integrate learner data into your existing LMS or HRS.
  • 190+ role-guided learning paths and assessments (e.g., Incident Response)
  • 100s of hands-on labs in cloud-hosted cyber ranges
  • Create and assign custom learning paths
  • Custom certification practice exams (e.g., CISSP, CISA)
  • Optional upgrade: Guarantee team certification with live boot camps

Learn about scholarships and financing with

Affirm logo

Award-winning training you can trust