Get Certified in Risk and Information Systems Control (CRISC)

The Certified in Risk and Information Systems Control (CRISC) certification path teaches you how to design, implement, monitor and maintain risk-based, efficient and effective IS controls.

15 courses  //   49 videos  //   12 hours of training

Free training week — 700+ on-demand courses and hands-on labs

ISACA CRISC training

This learning path builds on your existing enterprise security knowledge and prepares you to earn ISACA’s highly-regarded CRISC certification. You’ll learn how to help enterprises understand their business risk and improve your skills around implementing effective information systems controls as you progress through 15 courses aligned with the four CRISC exam objectives. You’ll dive deep into the world of enterprise risk, including frameworks, strategies, assessments, analysis, mitigation and response, as well as the design, implementation and monitoring of information system controls. Upon completion, you’ll be prepared to earn your CRISC certification and validate your knowledge as an enterprise risk management professional.

Learning path components

CRISC Custom Practice Exam
Practice Exam
CRISC Custom Practice Exam

CRISC Custom Practice Exam

Prepare for your CRISC exam and test your domain knowledge.

Number of questions: 150

CRISC Skill Assessment
Assessment
CRISC Skill Assessment

CRISC Skill Assessment

See how your CRISC skills stack up against other professionals in your field.

Number of questions: 20

Risk Identification Overview
Course
Risk Identification Overview

Risk Identification Overview

Understand what you’ll need to prepare for the ISACA CRISC certification exam, and learn what to expect on the exam.

4 videos
60 minutes of training

Risk Identification Frameworks and Methods
Course
Risk Identification Frameworks and Methods

Risk Identification Frameworks and Methods

Review best practices for IT risk management, including the steps that risk managers need to go through.

2 videos
40 minutes of training

Risk Culture and Communication
Course
Risk Culture and Communication

Risk Culture and Communication

Risk culture, appetite and communication of risk are important in understanding how risk relates to the organization’s values, goals and objectives.

1 video
27 minutes of training

IT Risk Strategy
Course
IT Risk Strategy

IT Risk Strategy

Dive deeper into the importance of an IT strategy and how it should align with business goals, objectives and values.

1 video
31 minutes of training

Impact of Compliance
Course
Impact of Compliance

Impact of Compliance

Refresh your awareness about the regulatory and statutory privacy and security requirements and their impact on risk.

1 video
29 minutes of training

IT Security Risk Concepts
Course
IT Security Risk Concepts

IT Security Risk Concepts

Understand the security risks concepts and principles that impact IT risk practitioners’ jobs.

6 videos
105 minutes of training

Risk Assessment Overview
Course
Risk Assessment Overview

Risk Assessment Overview

Get an overview of the IT risk assessment aspects that risk practitioners need to know.

3 videos
41 minutes of training

Risk Assessment Techniques
Course
Risk Assessment Techniques

Risk Assessment Techniques

Learn how to assess the potential impacts of the various IT risks.

3 videos
34 minutes of training

Risk and Control Analysis
Course
Risk and Control Analysis

Risk and Control Analysis

From audits and logs to incident reports, each control gives you a different view of your risks, and should be enhanced by other tools such as vendor reports and penetration testing. Walk through the different controls and tools to get a better understanding of how they can help you manage your organization’s risks. The course also explains quantitative and qualitative methodologies and risk ranking.

3 videos
76 minutes of training

Risk-Based Decision Making
Course
Risk-Based Decision Making

Risk-Based Decision Making

Learn about different business-related and IT management aspects that factor into risk assessment.

6 videos
52 minutes of training

Risk Response and Mitigation Overview
Course
Risk Response and Mitigation Overview

Risk Response and Mitigation Overview

See the learning objectives for CRISC Domain 3, Risk Response and Mitigation.

3 videos
19 minutes of training

Risk Response Options
Course
Risk Response Options

Risk Response Options

Alignment with business objectives is one of the drivers of risk management.

4 videos
44 minutes of training

Control Design and Implementation
Course
Control Design and Implementation

Control Design and Implementation

Understand the major types of risk controls and their interdependencies.

5 videos
65 minutes of training

Risk and Control Monitoring and Reporting Overview
Course
Risk and Control Monitoring and Reporting Overview

Risk and Control Monitoring and Reporting Overview

Gain the knowledge you need for monitoring and reporting risks.

3 videos
22 minutes of training

Key Risk Indicators and Key Performance Indicators
Course
Key Risk Indicators and Key Performance Indicators

Key Risk Indicators and Key Performance Indicators

Learn key risk indicators, key performance indicators, plus monitoring and reporting tools and techniques.

4 videos
49 minutes of training

 

What you’ll learn.

The CRISC certification exam covers four primary domains:

  • IT risk identification
  • IT risk assessment
  • Risk response and mitigation
  • Risk and control monitoring and reporting

Who is this for?

To become a CRISC, you need to both pass the CRISC exam and have three years experience performing the tasks of a CRISC professional across at least two of the four domains (one of which must be either IT risk identification or IT risk assessment).

This certification path is designed for:

  • Risk management professionals
  • Cybersecurity managers
  • Business analysts
  • Project managers
  • Compliance professionals
  • Anyone with a desire to learn risk management and get certified!

Train on your schedule

Personal
Teams

Infosec Skills subscription

Monthly
Annually
  • 80+ role-based learning paths (Ethical Hacking, Threat Hunting, etc.)
  • 100s of hands-on labs in cloud-hosted cyber ranges
  • Custom certification practice exams (CISSP, Security+, etc.)
  • Skill assessments
  • Infosec peer community support
  • Create custom learning paths from 100s of courses

Infosec Skills boot camp

Request a quote for pricing

 

Request Quote Browse Boot Camps
  • Exam Pass Guarantee
    If you don’t pass your exam on the first attempt, you'll get a second attempt for free. Includes the ability to re-sit the course for free for up to one year.
  • 100% Satisfaction Guarantee
    If you’re not 100% satisfied with your training at the end of the first day, you may withdraw and enroll in a different online or in-person course.
  • Live, instructor-led training (available in-person or online)
  • 90 day extended access to recordings of daily lessons
  • Certification exam voucher
  • Learn by doing with hundreds of additional hands-on courses and labs Infosec Skills Annual

Infosec Skills subscription

Annual

$599 per learner / year

Request Quote Free Team Trial
  • Team administration and reporting
  • Transferable licenses
  • 80+ role-based learning paths (Ethical Hacking, Threat Hunting, etc.)
  • 100s of hands-on labs in cloud-hosted cyber ranges
  • Custom certification practice exams (CISSP, Security+, etc.)
  • Skill assessments
  • Create and assign custom learning paths
  • Dedicated client success manager

Infosec Skills boot camp

Request a quote for pricing

 

Request Quote Browse Boot Camps
  • Team boot camp administration and reporting
  • Exam Pass Guarantee
    If you don’t pass your exam on the first attempt, you'll get a second attempt for free. Includes the ability to re-sit the course for free for up to one year.
  • 100% Satisfaction Guarantee
    If you’re not 100% satisfied with your training at the end of the first day, you may withdraw and enroll in a different online or in-person course.
  • Knowledge Transfer Guarantee
    If an employee leaves within three months of obtaining certification, Infosec will train a different employee at the same organization tuition-free for up to one year.
  • Certification exam vouchers
  • Live, instructor-led training (available onsite, in-person or online)
  • 90 days extended access to recordings of daily lessons
  • Build your team's skills with hundreds of additional hands-on courses and labs

Award-winning training that you can trust

Best Software - Highest Satisfaction

Best Software - Highest Satisfaction

Infosec Skills

Best IT Security-related Training Program

Best IT Security-related Training Program

Infosec Skills

Best Cybersecurity Education Provider & Best Security Education Platform

Best Cybersecurity Education Provider & Best Security Education Platform

Infosec Skills

Most Innovative Product - Cybersecurity Training for Infosec Professionals

Most Innovative Product - Cybersecurity Training for Infosec Professionals

Infosec Skills

Global Excellence - Cyber Security Education & Training

Global Excellence - Cyber Security Education & Training

Infosec Skills

Exceptional learning experiences powered by LX Labs cyber expertise

Infosec Skills courses and labs are powered by LX Labs — our elite team of cyber SMEs, learning specialists and community of top-ranked security instructors, published authors and sought-after industry leaders. We rigorously vet all Infosec Skills training resources to guarantee they meet certification and compliance requirements and align with recognized guidelines like the NICE Cybersecurity Workforce Framework.

LX Labs

Infosec Named a Leader in Security Awareness & Training

Read the Forrester Wave to learn what sets Infosec apart and the latest training program trends.