CRISC

Certified in Risk and Information Systems Control (CRISC)

4 dagen
Intermediate
Available in English

Volg de training Certified in Risk and Information Systems Control geeft je hulp bij het ontwerpen, implementeren, bewaken en onderhouden van op risico's gebaseerde, efficiënte en effectieve IS-controles.

Na afronding van deze training kun je onder andere:

Entiteitsspecifieke risico's identificeren en evalueren
Op risico's gebaseerde, efficiënte en effectieve IS-controles ontwerpen, implementeren, onderhouden en bewaken
Het officieële CRISC-examen behalen
€ 3.495,-
Bekijk beschikbaarheid
Wat je van ons kunt verwachten
Beste lesmethode
Flexibel inplannen
Kleine klassen
100% Slagingsgarantie
Wat onze klanten vinden
Hulp of advies nodig?
Mail Sofie of laat haar je terugbellen.
info@master-it.nl 040-2323390

Training: Certified in Risk and Information Systems Control (CRISC)

The CRISC – Certified Risk and Information System Auditor – certificate gives you international recognition (from ISACA) as a security professional. 

The CRISC designation will not only certify professionals who have knowledge and experience identifying and evaluating entity-specific risk, but also aid them in helping enterprises accomplish business objectives by designing, implementing, monitoring and maintaining risk-based, efficient and effective IS controls.

  • IT Risk Identification 27%
  • IT Risk Assessment 28%
  • Risk Response and Mitigations 23%
  • Risk and Control Monitoring and Reporting 22%

QAE (Questions, Answers and Explanations) is online available via a voucher which is part of the courseware.The requirements for certification are:Pass the official CRISC-examThree (3) or more years of cumulative work experience performing the tasks of a CRISC professional across at least two (2) CRISC domains, of which one must be in Domain 1 or 2, is required for certification. There are no substitutions or experience waivers.The exam lasts 4 hours and consists of 150 English Multiple Choice questions.The examvoucher is not included in the price

There is no prerequisite to take the CRISC exam; however, in order to apply for CRISC certification you must meet the necessary experience requirements as determined by ISACA

CRISC is for IT professionals, risk professionals, business analysts, and project manager and/or compliance professionals and anyone who has job responsibilities in the following areas: Risk identification, assessment, evaluation, risk response, monitoring and IS control design/monitoring and implementation/maintenance.

Domain 1—Risk Identification, Assessment and EvaluationCollect information and review documentation to ensure that risk scenarios are identified and evaluatedIdentify legal, regulatory and contractual requirements and organizational policies and standards related to information systems to determine their potential impact on the business objectives.Identify potential threats and vulnerabilities for business processes, associated data and supporting capabilities to assist in the evaluation of enterprise risk.Create and maintain a risk register to ensure that all identified risk factors are accounted for.Assemble risk scenarios to estimate the likelihood and impact of significant events to the organization.Analyze risk scenarios to determine their impact on business objectives.Develop a risk awareness program and conduct training to ensure that stakeholders understand risk and contribute to the risk management process and to promote a risk-aware culture.Correlate identified risk scenarios to relevant business processes to assist in identifying risk ownership.Validate risk appetite and tolerance with senior leadership and key stakeholders to ensure alignmentDomain 2—Risk ResponseIdentify and evaluate risk response options and provide management with information to enable risk response decisions.Review risk responses with the relevant stakeholders for validation of efficiency, effectiveness and economy.Apply risk criteria to assist in the development of the risk profile for management approval.Assist in the development of risk response action plans to address risk factors identified in the organizational risk profile.Assist in the development of business cases supporting the investment plan to ensure risk responses are aligned with the identified business objectives.Domain 3—Risk MonitoringCollect and validate data that measure key risk indicators (KRIs) to monitor and communicate their status to relevant stakeholders.Monitor and communicate key risk indicators (KRIs) and management activities to assist relevant stakeholders in their decision-making process.Facilitate independent risk assessments and risk management process reviews to ensure they are performed efficiently and effectively.Identify and report on risk, including compliance, to initiate corrective action and meet business and regulatory requirements.Domain 4—Information Systems Control Design and ImplementationInterview process owners and review process design documentation to gain an understanding of the business process objectives.Analyze and document business process objectives and design to identify required information systems controls.Design information systems controls in consultation with process owners to ensure alignment with business needs and objectives.Facilitate the identification of resources (e.g., people, infrastructure, information, architecture) required to implement and operate information systems controls at an optimal level.Monitor the information systems control design and implementation process to ensure that it is implemented effectively and within time, budget and scope.Provide progress reports on the implementation of information systems controls to inform stakeholders and to ensure that deviations are promptly addressed.Test information systems controls to verify effectiveness and efficiency prior to implementation.Implement information systems controls to mitigate risk.Facilitate the identification of metrics and key performance indicators (KPIs) to enable the measurement of information systems control performance in meeting business objectives.Assess and recommend tools to automate information systems control processes.Provide documentation and training to ensure information systems controls are effectively performed.Ensure all controls are assigned control owners to establish accountability.Establish control criteria to enable control life cycle managementDomain 5—IS Control Monitoring and MaintenancePlan, supervise and conduct testing to confirm continuous efficiency and effectiveness of information systems controls.Collect information and review documentation to identify information systems control deficiencies.Review information systems policies, standards and procedures to verify that they address the organization’s internal and external requirements.Assess and recommend tools and techniques to automate information systems control verification processes.Evaluate the current state of information systems processes using a maturity model to identify the gaps between current and targeted process maturity.Determine the approach to correct information systems control deficiencies and maturity gaps to ensure that deficiencies are appropriately considered and remediated.Maintain sufficient, adequate evidence to support conclusions on the existence and operating effectiveness of information systems controls.Provide information systems control status reporting to relevant stakeholders to enable informed decision making.

10
Jennifer Pereira
Ik heb hier de 2-daagse training Microsoft Dynamics 365 fundamentals gevolgd. Medewerkers zijn zeer hulpvaardig en denken ver mee, dit vond ik TOP! De Active Learning training met vakkundige trainster is me heel goed bevallen. De lunch was royaal en erg lekker! Kortom, wellicht tot ziens!
9,0
Willem de Lang
In Februari een 5-daagse training WS-11 (Server 2019) gevolgd in twee weken. Deze training was op basis van het Active Learning programma en dit is me zeer goed bevallen. De instructeur had voldoende tijd/kennis om vragen te beantwoorden en me verder te helpen wanneer ik vast liep.
9,5
Edwin Kruize
Bij Master IT train ik al jaren on-site in Eindhoven wat mij ontzettend goed bevalt. De Active Learning lesmethode is perfect voor mij en kan ik op mijn eigen tempo en onder goede begeleiding mijn studies volgen. De trainers hebben veel brede kennis en nemen de tijd voor je. 

In de klas, online of beiden.

Klassikaal

Bij de klassikale lesvorm voor trainingen staat een ervaren docent voor de klas. De gecertificeerde, praktijkgerichte trainer begeleidt je door de lesstof, geeft uitleg, laat voorbeelden zien, geeft hands-on opdrachten en behandelt vragen. Alle cursisten leren in hetzelfde tempo en krijgen dezelfde lesstof. De docent bepaalt het tempo afhankelijk van de behoefte van de groep.

Praktijkgerichte training
Gecertificeerde trainers
Hands-on opdrachten
Afgestemd op de leerdoelen van de groep
4 dagen voor € 3.495,-

Incompany

Wist jij dat alle IT trainingen die we aanbieden op de website ook bij jouw bedrijf uitgevoerd kunnen worden? Zo volg je een maatwerk IT training (Incompany training) met al je collega’s. Jij kunt de training nog specifieker voor jouw bedrijf laten inrichten en het is zelfs mogelijk om een geheel maatwerk traject door ons te laten ontwerpen.

Je bespaart reiskosten en reistijd voor de deelnemers, doordat onze trainer bij jou op locatie komt. Op deze manier kun je meerdere deelnemers van jouw organisatie dezelfde training laten volgen. Dat is efficiënt en effectief! Samen heb je een gemeenschappelijke opleidingsbehoefte en daar gaan we je bij helpen.

We hebben jarenlang ervaring in het geven van maatwerk it trainingen. We kijken zorgvuldig naar de opleidingsbehoefte om volledig aan te sluiten bij je wensen. Zo formuleren we haalbare en concrete doelstellingen en deelnemers kunnen het geleerde in de praktijk toepassen. Op deze manier groeien deelnemers persoonlijk en professioneel op meerdere niveaus.

Maatwerktraining
Van A-Z geregeld voor jouw team
Trainer komt op locatie
CRISC
Certified in Risk and Information Systems Control (CRISC)
€ 3.495,-
Bekijk beschikbaarheid