Author: Kevin Henry
This path provides foundational knowledge of the process of information systems risk management. The process of risk management is used in establishing an information security framework. Use this path to learn more about IT risk and how it relates to your company, or use it to prepare for the ISACA® CRISC™ (Certified in Risk and Information Systems Control™) exam, with coverage of the 2015 CRISC™ Job Practice Areas.... Read more Read less
These courses will help prepare you for the ISACA® CRISC™ (Certified in Risk and Information Systems Control™) exam, with coverage of the 2015 CRISC™ Job Practice Areas.
In this course, Risk Management and Information Systems Control: Introduction to Risk, you'll have the opportunity to gain a high-level understanding of the risk management process. This includes delving into knowledge of threats and attacks and exploring the mysteries and terminologies of risk management. This course helps prepare you for certification under ISACA's CRISC certification. First, you'll learn about the common approaches used to identify and manage risk. Next, you'll learn about the risk management terminology and standards. Finally, you'll wrap up the course learning about corporate governance. By the end of this course, you will have the foundational knowledge needed to perform an effective risk management program.
Risk management is a challenge for most organizations. This course, Risk Management and Information Systems Control: Risk Identification, addresses the key parts of the risk management process starting with risk identification. The course first examines the factors that influence risk, from management attitudes and awareness to laws and standards. Next, you will learn about how to identify asset values, threats, and vulnerabilities in your organization. Last, you will learn about management's responsibilities when it comes to risk identification. By the end of this course, you will understand how to perform risk identification in your organization.
This course addresses the third part of the risk management effort, the assessment and prioritization of risk. This will ensure that management is provided complete and accurate information required to make the appropriate risk response decision. You will learn the process of risk assessment including threat and vulnerability identification, analysis of impact and likelihood of risk, and the process of communicating risk to management. As a candidate for the CRISC examination, it is essential to have a solid understanding of risk assessment.
The development of a risk response strategy is based on many factors including cost, culture, other projects, and available resources. You will first examine the factors that influence the risk response decision and how to ensure that the risk faced by the organization is within management defined limits. Next, you will cover the topics of inherent risk, data protection, and data encryption. Last, you will look at risk areas to consider in your organization. By the end of this course, you will be one step closer to being prepared for the ISACA CRISC certification examination.
Risk is an ever-changing world as new technologies, threats, and vulnerabilities threaten to affect business goals and mission. The risk practitioner must be ever-alert and diligent to observe and communicate with management on the effectiveness and efficiency of the risk management process. In this course, Risk Management and Information Systems Control: Risk and Control Monitoring and Reporting, you will learn about how to monitor risk, evaluate IT controls, communicate risk monitoring results, and update the risk register. By the end of this course, you'll have an understanding of risk monitoring and the way that risk monitoring supports the overall process and goals of risk management.
CRISC™ candidates are required to have a minimum of three years of cumulative work experience performing tasks across at least two of the four CRISC™ domains. This path does not require any prior knowledge or experience.