Get Certified in Risk and Information Systems Control (CRISC)
The Certified in Risk and Information Systems Control (CRISC) certification path teaches you how to design, implement, monitor and maintain risk-based, efficient and effective IS controls.
ISACA CRISC training
This learning path builds on your existing enterprise security knowledge and prepares you to earn ISACA’s highly-regarded CRISC certification. You’ll learn how to help enterprises understand their business risk and improve your skills around implementing effective information systems controls as you progress through 15 courses aligned with the four CRISC exam objectives. You’ll dive deep into the world of enterprise risk, including frameworks, strategies, assessments, analysis, mitigation and response, as well as the design, implementation and monitoring of information system controls. Upon completion, you’ll be prepared to earn your CRISC certification and validate your knowledge as an enterprise risk management professional.
Learning path components
CRISC Custom Practice Exam
CRISC Skill Assessment
Risk Identification Overview
Risk Identification Frameworks and Methods
Risk Culture and Communication
IT Risk Strategy
Impact of Compliance
IT Security Risk Concepts
Risk Assessment Overview
Risk Assessment Techniques
Risk and Control Analysis
Risk-Based Decision Making
Risk Response and Mitigation Overview
Risk Response Options
Control Design and Implementation
Risk and Control Monitoring and Reporting Overview
Key Risk Indicators and Key Performance Indicators
What you’ll learn.
The CRISC certification exam covers four primary domains:
- IT risk identification
- IT risk assessment
- Risk response and mitigation
- Risk and control monitoring and reporting
Who is this for?
To become a CRISC, you need to both pass the CRISC exam and have three years experience performing the tasks of a CRISC professional across at least two of the four domains (one of which must be either IT risk identification or IT risk assessment).
This certification path is designed for:
- Risk management professionals
- Cybersecurity managers
- Business analysts
- Project managers
- Compliance professionals
- Anyone with a desire to learn risk management and get certified!
You're in good company
"Comparing Infosec to other vendors is like comparing apples to oranges. My instructor was hands-down the best I’ve had."
"I knew Infosec could tell me what to expect on the exam and what topics to focus on most."
"I’ve taken five boot camps with Infosec and all my instructors have been great."