CRISC Exam Preps


The Certified Risk Information Systems Control training course provides delegates with valuable technical skills, which ensure success and prosperity in the realm of IT security.


The CRISC certification is a powerful manifestation of proficiency and expertise regarding various areas of risk.


The demand for CRISC qualified individuals is ever-growing, and CRISC has been established as one of the most desirable and preferable IT security certifications worldwide.


During this 3-day training course, students will become knowledgeable of the methods and processes associated with risk identification, risk analysis, responding to risk, and controlling risk. 

Preparation for the CRISC examination will be a primary focus throughout this training course.


Students will explore all four areas of the CRISC exam, and candidates will also be provided with a complete revision programme consisting of knowledge assessments, discussions, and exercises.

Who should attend?

This Certified Risk Information Systems Control training course is intended for anyone who manages IT risk and information security controls within their job role. 


The course has no prerequisites,

The four CRISC domains are as follows:

  • IT Risk Identification

  • IT Risk Assessment

  • Risk Response and Mitigation

  • Risk and Control Monitoring and Reporting



CRISC Outline

This training course will focus on the four domains of Certified Risk Information Systems Control. The course outline encompasses:

  • An Introduction to CRISC

  • Course Objectives

  • About CRISC

  • CRISC Domain Overview

  • CRISC Value

Domain 1: Risk Identification

  • Risk Identification Objectives

  • Risk Identification Overview

  • Concepts of IT Risk

  • Risk Management Standards

  • Risk Identification Frameworks

  • Assets

  • Threats

  • Vulnerabilities

  • Elements of Risk

  • Penetration Testing

  • COBIT 5

  • ISO

  • Risk Scenarios

  • Communicating Risk

  • Risk Awareness

  • Organisational Structures and Culture

  • Risk within the Enterprise

  • Compliance

  • Principles of Risk

  • Conclusion​

Domain 2: Risk Assessment

  • Risk Assessment Objectives

  • Risk Assessment Overview

  • Risk Assessment Techniques

  • Risk Assessment Analysis

  • Methodologies

  • Control Assessment

  • Risk Evaluation and Impact Assessment

  • Risk and Control Analysis

  • Third Party Management

  • System Development Lifecycle

  • Developing Technologies

  • Enterprise Architecture

  • Conclusion

Domain 3: Risk Response and Mitigation

  • Risk Response and Mitigation Objectives

  • Risk Response and Mitigation Overview

  • Risk Response Options

  • Response Analysis

  • Risk Response Plans

  • Control Objectives and Practices

  • Control Ownership

  • Systems Control Design Implementation

  • Control and Countermeasures

  • Business Continuity

  • Disaster Recovery

  • Risk Accountability

  • Inherent and Residual Risk

  • Conclusion

Domain 4: Risk and Control Monitoring and Reporting

  • Risk and Control Monitoring and Reporting Objectives

  • Risk and Control Monitoring and Reporting Overview

  • Key Risk Indicators (KRIs)

  • Data Collection

  • Monitoring Controls

  • Control Assessments

  • Penetration Testing

  • Vulnerability Assessments

  • Third Party Assurance

  • Maturity Model Assessment

  • Techniques for Improvement

  • Capability Maturity Model

  • IT Risk Profile


Pay for CRISC Class Here

 Email:  Address:  (Ghana) Achiaa Hse (Eco-Bank Building, New Achimota, Accra

© 2021 by  CYBERGHANA CyberLabs. 

Digital Adress: GW-1007-4724
  • White Twitter Icon
  • White Google+ Icon