Home

Risk and Governance

CRISC

CRISC CERTIFICATION

CRISC Certification Training Course

CRISC Certification Training Course in Pune

CRISC® Certification Training Course

A Certified in Risk and Information Systems Control (CRISC) certification will help you become a Risk Management professional, you will learn how to enhance business resilience, deliver stakeholder value and optimize Risk Management across the enterprise. This is one of the top Risk Management certifications, it is accepted globally. You will be part of a global community of 25000 plus certified individuals who stand apart from their peers, showcasing a validated experience and expertise in Risk Management and Information Systems Security.

Last updated Mar 2025

Course Fee -

$ 3000

Buy Now

*taxes may applicable

Training By

Knowlathon

Certificate By

ISACA

Duration

32 Hours

Learning Aids

Practice Exam

Yes

LMS Access

Yes

K-Prime Warranty

Accredited By

Course Package

Exam Voucher by ISACA

Official Training Material from ISACA

Official CRISC E-Book

Highly Experienced & Accredited Instructor

Live Instructor-Led Sessions

Real Life Examples & Case Studies

Lifetime LMS Access

Target audience of CRISC Course

IT professionals
Risk professionals
Control professionals
Project managers
Business analysts.

Prerequisites of CRISC Certification

CRISC Exam and Certification information

The Certified in Risk and Information Systems Control (CRISC) exam consists of 150 questions covering 4 job practice domains, all testing your knowledge and ability on real-life job practices leveraged by expert professionals.

Duration – 240 Minutes
Questions – 150 MCQ type
Passing score – 450 or above (The exam scores on a scale between 200 and 800)
Exam Location - The PSI testing location is either a testing center or online remotely proctored.

CRISC Certification Journey

Domain 1: GOVERNANCE

A—ORGANIZATIONAL GOVERNANCE

Organizational Strategy, Goals, and Objectives
Organizational Structure, Roles and Responsibilities
Organizational Culture
Policies and Standards
Business Processes
Organizational Assets

B—RISK GOVERNANCE

Enterprise Risk Management and Risk Management Framework
Three Lines of Defense
Risk Profile
Risk Appetite and Risk Tolerance
Legal, Regulatory and Contractual Requirements
Professional Ethics of Risk Management

Domain 2: IT RISK ASSESSMENT

A—IT RISK IDENTIFICATION

Risk Events (e.g., contributing conditions, loss result)
Threat Modelling and Threat Landscape
Vulnerability and Control Deficiency Analysis (e.g., root cause analysis)
Risk Scenario Development

B—IT RISK ANALYSIS AND EVALUATION

Risk Assessment Concepts, Standards and Frameworks
Risk Register
Risk Analysis Methodologies
Business Impact Analysis
Inherent and Residual Risk

DOMAIN 3 – RISK RESPONSE AND REPORTING

A—RISK RESPONSE

Risk Treatment / Risk Response Options
Risk and Control Ownership
Third-Party Risk Management
Issue, Finding and Exception Management
Management of Emerging Risk

B—CONTROL DESIGN AND IMPLEMENTATION

Control Types, Standards and Frameworks
Control Design, Selection and Analysis
Control Implementation
Control Testing and Effectiveness Evaluation

C—RISK MONITORING AND REPORTING

Risk Treatment Plans
Data Collection, Aggregation, Analysis and Validation
Risk and Control Monitoring Techniques
Risk and Control Reporting Techniques (heatmap, scorecards, dashboards)
Key Performance Indicators
Key Risk Indicators (KRIs)
Key Control Indicators (KCIs)

DOMAIN 4 – INFORMATION TECHNOLOGY AND SECURITY

A—INFORMATION TECHNOLOGY PRINCIPLES

Enterprise Architecture
IT Operations Management (e.g., change management, IT assets, problems, incidents)
Project Management
Disaster Recovery Management (DRM)
Data Lifecycle Management
System Development Life Cycle (SDLC)
Emerging Technologies

B—INFORMATION SECURITY PRINCIPLES