The first step to becoming CRISC certified is to take and pass the CRISC certification exam. The exam consists of 150 questions covering 4 job practice domains and tests your understanding of the knowledge and practical abilities an expert professional brings to the real-life job practice as it relates to information systems risk and control. Your ability to pass the exam will amount to substantial proof of your own expertise in these practical work-related domains:
- Identifying IT Risk– Proficiency in this realm validates the expertise required to identify the universe of IT risk in order to contribute to the execution of the IT risk management strategy, in support of business objectives and in alignment with the enterprise risk management (ERM) strategy. Domain 1 confirms one’s ability to recognize and gauge threats and vulnerabilities to the organization’s people, processes and technology.
- Assessing IT Risk– Exam success demonstrates the advanced ability to analyze and evaluate IT risk to determine the likelihood and impact on business objectives, in order to enable risk-based decision making. Domain 2 attests to advanced skill in identifying the current state of existing controls and evaluating their effectiveness for IT risk mitigation.
- Risk Response and Mitigation– This key job practice area verifies expertise in determining risk response options while evaluating their efficiency and effectiveness to manage risk in alignment with business objectives. Domain 3 tests your ability to select and implement informed risk decisions that are well-aligned and enunciated throughout the organization.
- Risk and Control Monitoring and Reporting– the final job practice area assesses your capacity to continuously monitor and report on IT risk and controls to relevant stakeholders, so as to ensure the effectiveness of the IT risk management strategy and its alignment with business objectives. Domain 4 assesses your ability to define and establish key risk indicators (KRIs) and thresholds based on available data, to enable monitoring of changes in risk.
Designed for those experienced in the management of IT risk and the design, implementation, monitoring and maintenance of IS controls.
All ISACA certification exams consist of 150 multiple choice questions that cover the respective job practice areas created from the most recent job practice analysis. Candidates have up to 4 hours (240 minutes) to complete the exam.
Cybiant offer the following learning options for this course:
Self-Paced-Online Learning - 3 months access
If your a choosing the Self-Paced-Online (SPO) learning option, you will complete the course on your own time, in your own pace. Cybiant will provide you with access to an online learning environment where you can watch videos, and practice with sample questions. The SPO option provides access for 3 months, and includes the official exam.
Virtual Training - 2x2hours per day
If you are choosing the virtual training learning option, you will participate in a live course by a Cybiant instructor, which is delivered 100% online. You will receive meeting invitations to participate in the live lectures through the Zoom platform. There will be 2 x 2-hour sessions per day, so this option does provide you with flexibility to plan some other work. All sessions are recorded, in case you miss any of the session. All virtual training courses include the official examination, which will be taken online on the last day of class.
Classroom Training - full day
If you are choosing the classroom training option, you will participate in this training in a live class in a 5-star hotel. This training option provides you with the opportunity to discuss topics in detail with other course participants, and learn from their experience. You will be trained by one of our Cybiant experts, and will complete the exam on the last day of class. Training is conducted daily, based on the following time schedule:
Start time: 09:00 UTC+08
End time: 17:00 UTC+08