Certified in Risk and Information Systems Control (CRISC)

Be the first to leave a review.

ISACA’s Certified in Risk and Information Systems Control (CRISC®) certification and training is ideal for mid-career professionals engaged in enterprise risk management and control. The CRISC training gives you the knowledge, expertise, and credibility in your interactions with internal and external stakeholders, peers and regulators.

Delivery format: Classroom, Virtual-Led
Certification: Certified in Risk and Information Systems Control (CRISC®)

Categories:
Share
Tweet
Email
Certified in Risk and Information Systems Control (CRISC)

Cybiant has exceeded my expectations in delivering this training. My instructor guided me every step of the way, and helped me prepare for the exam. Best training I have been to in a long time.

Johnathon Smith, Adecco

I completed the RPA Fundamentals training with Cybiant. Although it was a difficult training, Mike made it is almost sound easy. I am confident that I am now well prepared to pass the examination. Thank Mike!

Justin Woo, Petronas Digital

Certified in Risk and Information Systems Control (CRISC)

ISACA’s Certified in Risk and Information Systems Control (CRISC) certification and training courses indicates expertise in identifying and managing enterprise IT risk and implementing and maintaining information systems controls. Gain instant recognition and credibility with CRISC and boost your career. If you are a mid-career IT professional with a focus on IT and cyber risk and control, the CRISC training can get you the leverage you need to grow in your career.

CRISC is now one of the most highly sought-after qualifications. It is the only certification that prepares and enables IT professionals for the unique challenges of IT and enterprise risk management, and positions them to become strategic partners to the enterprise. This CRISC training has been designed to comprehensively cover the full CRISC syllabus and to prepare you for a first-time pass in the CRISC exam.

Types of risk may vary, but with its key role as an agent of innovation, technology has become the most critical risk factor for today’s enterprises. Since, conducting a risk assessment is not something a typical information technology education includes, many IT professionals are lacking in knowledge that businesses increasingly deem imperative to determining their future success.

The Certified in Risk and Information Systems Control (CRISC) designation is designed for IT risk, control and compliance practitioners, business analysts, project managers and other resected professionals. The highly respected certification demonstrates to employers that the holder is able to identify and evaluate IT risk, and help their enterprise accomplish its business objectives. CRISC has received over 15 global recognitions.

Since its introduction in 2010, more than 24,000 professionals have obtained ISACA®’s Certified in Risk and Information Systems Control™ (CRISC™) certification. The designation demonstrates to employers that the holder is able to identify, evaluate and manage information systems and technology risk, and help enterprises achieve their business objectives.

Registration

Cybiant offers the following learning options for this course:

Virtual Training – 2×2 hours per day
The virtual training option is an online class taught by a live Cybiant instructor. You will receive a meeting invitation to participate in the live lectures. Our virtual training courses are organized in 2 x 2-hour sessions per day to accommodate some other work. Official examinations are included in the pricing.

Classroom Training – full day
The classroom training option will be conducted by a Cybiant instructor in a 5-star hotel. You will participate in a live training and meet other participants. Breaks, lunch and exam voucher are included in the pricing.

You can register for the course by selecting the option of your choice below:

ImageNameFormatDatesPriceBuy
Certified in Risk and Information Systems Control (CRISC) - Classroom, 21-24 April 2025 Kuala Lumpur
Certified in Risk and Information Systems Control (CRISC)Classroom21-24 April 2025 Kuala LumpurRM11,130.00
Certified in Risk and Information Systems Control (CRISC) - Virtual, 4-7 August 2025
Certified in Risk and Information Systems Control (CRISC)Virtual4-7 August 2025RM10,030.00
Certified in Risk and Information Systems Control (CRISC) - Virtual, 17-20 November 2025
Certified in Risk and Information Systems Control (CRISC)Virtual17-20 November 2025RM10,030.00

If your preferred date is not available, please contact us via chat or email to discuss your requirements and arrange a session at a convenient time. 

Learning Objectives

The first step to becoming CRISC certified is to take and pass the CRISC certification exam. The exam consists of 150 questions covering 4 job practice domains and tests your understanding of the knowledge and practical abilities an expert professional brings to the real-life job practice as it relates to information systems risk and control. Your ability to pass the exam will amount to substantial proof of your own expertise in these practical work-related domains:

  • Identifying IT Risk– Proficiency in this realm validates the expertise required to identify the universe of IT risk in order to contribute to the execution of the IT risk management strategy, in support of business objectives and in alignment with the enterprise risk management (ERM) strategy. Domain 1 confirms one’s ability to recognize and gauge threats and vulnerabilities to the organization’s people, processes and technology.
  • Assessing IT Risk– Exam success demonstrates the advanced ability to analyze and evaluate IT risk to determine the likelihood and impact on business objectives, in order to enable risk-based decision making. Domain 2 attests to advanced skill in identifying the current state of existing controls and evaluating their effectiveness for IT risk mitigation.
  • Risk Response and Mitigation– This key job practice area verifies expertise in determining risk response options while evaluating their efficiency and effectiveness to manage risk in alignment with business objectives. Domain 3 tests your ability to select and implement informed risk decisions that are well-aligned and enunciated throughout the organization.
  • Risk and Control Monitoring and Reporting– the final job practice area assesses your capacity to continuously monitor and report on IT risk and controls to relevant stakeholders, so as to ensure the effectiveness of the IT risk management strategy and its alignment with business objectives. Domain 4 assesses your ability to define and establish key risk indicators (KRIs) and thresholds based on available data, to enable monitoring of changes in risk.

Target Audience

The Certified in Risk and Information Systems Control (CRISC) certification is designed for professionals who identify and manage enterprise IT risk and implement and maintain information systems controls. The target audience includes:

  • IT Professionals: Individuals involved in risk management, control, and assurance activities.

  • Risk Professionals: Those responsible for identifying and evaluating IT risk and its impact on the organization.

  • Control Professionals: Personnel tasked with designing, implementing, and maintaining IS controls.

  • Business Analysts: Professionals who assess business processes and their integration with IT risk management.

  • Project Managers: Individuals overseeing IT projects with a focus on risk assessment and mitigation.

Achieving the CRISC certification demonstrates a comprehensive understanding of the relationship between IT risk and business objectives, as well as the skills to design and implement effective IS controls.

Exam Structure

  1. Governance (26%): Focuses on understanding organizational governance, including structures, roles, policies, and the integration of IT risk management with enterprise risk management frameworks.

  2. IT Risk Assessment (20%): Centers on identifying and analyzing IT risk factors, developing risk scenarios, and evaluating their potential impact on the organization.

  3. Risk Response and Reporting (32%): Involves developing and managing risk response strategies, designing and implementing controls, and effectively communicating risk-related information to stakeholders.

  4. Information Technology and Security (22%): Covers IT principles such as enterprise architecture, operations management, project management, and information security concepts, including frameworks, standards, and data protection principles.

The exam comprises 150 multiple-choice questions, designed to evaluate practical knowledge and real-world application of IT risk management and control. Candidates are allotted a four-hour window to complete the exam. The exam is administered in a computer-based format at authorized PSI testing centers worldwide or can be taken as a remotely proctored exam. Registration is continuous, allowing candidates to schedule their exam appointments at their convenience.

Downloads

Reviews

There are no reviews yet.

Be the first to review “Certified in Risk and Information Systems Control (CRISC)”

Your email address will not be published. Required fields are marked *

Includes Examination

Unless otherwise specified, all courses include official examination

Expert Trainers

All Cybiant trainers are experts in their knowledge domain

14 Days Evaluation

Is your e-learning not what you expected? You get your money back.