The illustrations were created in cooperation between humans and artificial intelligence. They show a future in which technology is omnipresent, but people remain at the center.

ISACA Certified in Risk and Information Systems Control (CRISC®)

Training including examination and certification

Online
4 days
German
Price: € 3.790,- plus VAT. (€ 4.510,10 incl. VAT.)
Booking number: 42333
Venue: Online
4 dates
Become a certified Machine Learning Engineer
This course is part of the certified Master Class "Machine Learning Engineer". If you book the entire Master Class, you save over 15 percent compared to booking this individual module.
In-house training
In-house training just for your employees - exclusive and effective.
Identify, assess and manage IT risks in a targeted manner. The CRISC® training provides practical know-how for effective risk management and optimally prepares you for certification and the professional handling of digital threats.
Contents

Area 1: Governance

  • Risk assessment concepts, standards and frameworks
  • Corporate strategy, goals and targets
  • Organizational structure, roles and responsibilities
  • Corporate culture and assets
  • Guidelines, standards and business processes
  • Enterprise risk management, risk management frameworks and three lines of defense
  • Risk profile, risk appetite and risk tolerance
  • Dealing with the professional ethics of risk management and the requirements of laws, regulations and controls

 

Area 2: IT Risk Assessment

  • Risk events, threat modeling and threat situation
  • Analysis of weak points and control deficiencies
  • Development of risk scenarios
  • Risk register
  • Methods of risk analysis
  • Analysis of the impact on the business
  • Inherent, residual and current risks

 

Area 3: Risk Response and Reporting

  • Risk treatment/risk response options
  • Responsibility for risks and controls
  • Management of risks from processes, third parties and new sources
  • Control types, standards and frameworks
  • Control design, selection and analysis
  • Control implementation, testing and effectiveness
  • Risk treatment plans
  • Data collection, aggregation, analysis and validation
  • Techniques for risk and control monitoring and reporting
  • Key performance, risk and control indicators

 

Area 4: Information Technology and Security

  • Enterprise architecture
  • IT operations management
  • Project management
  • Disaster recovery management
  • Data lifecycle management
  • System development life cycle
  • New technologies
  • Concepts, framework conditions, standards and awareness training on information security
  • Business continuity management
  • Principles of data protection and data security

 

Requirements: 

There are no formal admission requirements for attending the course.

The requirements for official ISACA® certification are:

  1. Passing the CRISC® examination: The examination can be taken without professional experience. After passing the exam, certification must be applied for within 5 years.
  2. Proof of at least three years of professional experience in IT risk management and in the implementation of information system controls: The experience must have been gained within the last ten years before submitting the application or within five years of passing the examination.
  3. Coverage of at least two of the four CRISC® domains: Professional experience must include practical knowledge in at least two of the following four areas:
     • Governance
     • IT Risk Assessment
     • Risk Response and Reporting
     • Information Technology and Security
  4. Verifiability of professional experience: Professional experience must be confirmed by a higher authority (e.g. line manager or HR department).
  5. Submitting the application for certification to ISACA®: Online application via the ISACA® account; payment of an application fee of currently USD 50.
  6. Acceptance of the ISACA® Code of Professional Ethics: Commitment to ethical standards in the practice of the profession.
  7. Compliance with Continuing Professional Education (CPE) requirements: After certification, annual continuing education and proof of title maintenance (at least 20 CPEs per year, 120 within 3 years).

 

Additional info: 

© ISACA®. All rights reserved.

CISM® is a registered trademark of ISACA®.

The training is conducted by the ISACA® accredited partner Digicomp Academy AG.

Your benefit
  • Developing and managing a governance framework for IT risk management
  • Establishing roles, responsibilities and risk profiles in the organization and IT
  • Deriving an IT risk strategy as well as compliance and ethical management in accordance with corporate objectives and regulatory requirements
  • Identifying risks by analyzing threats, vulnerabilities and risk scenarios
  • Evaluating risks using methodologies such as business impact analysis, risk registers or risk tolerance assessments
  • Prioritizing inherent and residual risks for targeted management
  • Designing and managing risk treatment plans in coordination with stakeholders and control owners
  • Implementing, testing and evaluating controls according to standards
  • Developing efficient monitoring mechanisms, KPIs/KRIs/KCIs and reporting tools (e.g. heatmaps or dashboards)
  • Integrating risk management and security principles into IT infrastructure and architecture
  • Controlling IT operating processes (change, incident, asset and project management), disaster recovery and SDLC processes
  • Establishing a security culture including awareness programs and compliance with data protection standards
Trainers
Umberto Annino
Methods

Depending on the type of learner, exam preparation requires at least 10-20 hours of additional time outside the classroom.

Certification

Exam format:

  • 150 multiple-choice questions
  • Duration: 4 hours (240 minutes)
  • Delivery: Online with remote proctoring or at an authorized test center
  • Language: Available in several languages (you specify the language when registering for the exam)
  • Aids: none
Recommended for

The course is aimed at IT risk management professionals with at least three years of professional experience in identifying, assessing, managing and monitoring IT risks and setting up effective control systems.

It is ideal for IT risk managers, information security officers, GRC officers, auditors, IT managers and project managers who want to systematically align IT risks with corporate objectives. CRISC® certification strengthens your position in the company and creates trust among managers, stakeholders and supervisory authorities.

Start dates and details

  • 1.12.2025: Online, places available, guaranteed to take place
  • 6.4.2026: Online, places available, guaranteed to take place
  • 18.8.2026: Online, places available, guaranteed to take place
  • 1.12.2026: Online, places available, guaranteed to take place

The training is carried out in cooperation with an authorized training partner. This partner collects and processes data under its own responsibility. Please take note of the corresponding privacy policy.


Do you have questions about training?

Call us on +49 761 595 33900 or write to us at service@haufe-akademie.de or use the contact form.
