CRISC Training

Online Instructor-led (3 days)

Classroom (3 days)

Online Self-paced (24 hours)

Certified Risk and Information Systems Control (CRISC) Course Outline

Domain 1: Governance

Module 1: Organisational Governance

  • Organisational Strategy, Goals, and Objectives
  • Organisational Structure, Roles, and Responsibilities
  • Organisational Culture
  • Policies and Standards
  • Business Process Review
  • Organisational Assets

Module 2: Risk Governance

  • Enterprise Risk Management and Risk Management Frameworks
  • Three Lines of Defence
  • Risk Profile
  • Risk Appetite, Tolerance and Capacity
  • Legal, Regulatory and Contractual Requirements
  • Professional Ethics of Risk Management

Domain 2: IT Risk Assessment

Module 3: IT Risk Identification

  • Risk Events
  • Threat Modelling and Threat Landscape
  • Vulnerability and Control Deficiency Analysis
  • Risk Scenario Development

Module 4: IT Risk Analysis, Evaluation and Assessment

  • Risk Assessment Concepts, Standards and Frameworks
  • Risk Register
  • Risk Analysis Methodologies
  • Business Impact Analysis
  • Inherent, Residual and Current Risk

Domain 3: Risk Response and Reporting

Module 5: Risk Response

  • Risk and Control Ownership
  • Risk Treatment/Risk Response Options
  • Third Party Risk Management
  • Issue, Finding and Expectation Management
  • Management of Emerging Risk

Module 6: Control, Design and Implementation

  • Control Types, Standards and Frameworks
  • Control Design, Selection and Analysis
  • Control Implementation
  • Control Testing and Effectiveness Evaluation

Module 7: Risk Monitoring and Reporting

  • Risk Treatment Plans
  • Data Collection, Aggregation, Analysis and Validation
  • Risk and Control Monitoring Techniques
  • Key Performance Indicators
  • Key Risk Indicators
  • Key Control Indicators

Domain 4: Information Technology and Security

Module 8: Information Technology Principles

  • Enterprise Architecture
  • IT Operations Management
  • Project Management
  • Enterprise Resiliency
  • Data Life Cycle Management
  • System Development Life Cycle
  • Emerging Trends in Technology

Module 9: Information Security Principles

  • Information Security Concepts, Frameworks and Standards
  • Information Security Awareness Training
  • Data Privacy and Principles of Data Protection

Show moredown

Who should attend this Certified in Risk and Information Systems Control Course?

The Certified in Risk and Information Systems Control (CRISC) is a professional certification designed for IT professionals who are responsible for managing risk and ensuring the security of information systems. The course can be helpful for various professionals including:

  • Risk Managers
  • Information Security Managers
  • IT Auditors
  • Compliance Officers
  • C-suite Executives
  • Project Managers
  • Security Engineers

Prerequisites of the Certified in Risk and Information Systems Control Training Course

There are no formal prerequisites for this Certified in Risk and Information Systems Control (CRISC) Training Course.

Certified Risk and Information Systems Control (CRISC) Course Overview

CRISC (Certified in Risk and Information Systems Control) is an enterprise risk management certification for IT professionals. It helps them to acquire skills and knowledge for identifying and managing enterprise IT risk. CRISC focuses on the organisational framework for managing and mitigating risk across business processes and technology.

This CRISC Training Course aims to provide delegates with valuable technical skills, ensuring success and prosperity in the empire of IT security. Pursuing this training will help individuals to develop and establish their useful and preferred IT security careers worldwide.

In this 3-day Certified in Risk and Information Systems Control (CRISC) Training Course, delegates will gain in-depth knowledge about the methods and processes associated with risk identification, risk analysis, responding to risk, and controlling risk. During this training, delegates will cover various concepts such as organisational governance, IT risk assessment, risk response, project management, enterprise resiliency, information technology and security, business impact analysis, etc.

Course Objectives:

  • To provide delegates with an in-depth understanding of the frameworks and practices involved in IT risk identification and management
  • To equip delegates with the skills necessary to design and implement robust information systems controls tailored to their organisation's needs
  • To enhance delegates' ability to effectively assess and mitigate IT risks
  • To develop delegates' competence in establishing a risk management strategy that is compliant with global standards and best practices
  • To foster critical thinking and problem-solving skills among delegates

Upon completion of the CRISC (Certified in Risk and Information Systems Control) Training Course, delegates will be equipped with a robust understanding of IT risk management and the ability to design, implement, monitor, and maintain information systems controls. Holding the required expertise and knowledge of CRISC domains will help individuals to grow their careers as risk professionals and also provide value to their company.

Show moredown

What’s included in this Certified in Risk and Information Systems Control Course?

  • World-Class Training Sessions from Experienced Instructors
  • Certified in Risk and Information Systems Control Certificate
  • Digital Delegate Pack

Show moredown

Not sure which course to choose?

Speak to a training expert for advice if you are unsure of what course is right for you. Give us a call on +61 272026926 or Enquire.

Package deals for CRISC Training

Our training experts have compiled a range of course packages on a variety of categories in CRISC Training, to boost your career. The packages consist of the best possible qualifications with CRISC Training, and allows you to purchase multiple courses at a discounted rate.

Swipe for more. Don’t miss out!

CRISC Training FAQs

CRISC or Certified Risk and Information Systems Control is a globally recognised credential for IT and business professionals who identify and manage risks through the development, implementation, and maintenance of information systems controls.
Anyone who is interested in learning about Information Security can attend this course.
Apart from this course, we offer a digital delegate pack, training sessions with experienced instructors, and a certificate upon completion of the course.
There are no formal prerequisites for attending this course.
It is a globally recognised certification which would enhance your risk management skills, give you better credibility, improved job prospects, and familiarise you with information technology risks.
You will gain a range of skills through this course, including risk monitoring and reporting, risk identification and assessment, risk response and mitigation.
This course covers multiple topics like IT risk assessment, risk response and reporting, information technology and reporting, and more. Learn about these topics in detail with this course.
Upon completion of the Certified Risk and Information Systems Control (CRISC) Course , delegates will receive a certificate.
The Knowledge Academy stands out as a prestigious training provider known for its extensive course offerings, expert instructors, flexible learning formats, and industry recognition. It's a dependable option for those seeking a CRISC Certification.
Please see our CRISC Training courses available in Australia
The Knowledge Academy is the Leading global training provider for CRISC Training.
The training fees for CRISC Training in Australia starts from AUD6695.
Show more down

Why we're the go to training provider for you


Best price in the industry

You won't find better value in the marketplace. If you do find a lower price, we will beat it.


Trusted & Approved

We are accredited by PeopleCert on behalf of AXELOS


Many delivery methods

Flexible delivery methods are available depending on your learning style.


High quality resources

Resources are included for a comprehensive learning experience.

barclays Logo
deloitte Logo
Thames Water Logo

"Really good course and well organised. Trainer was great with a sense of humour - his experience allowed a free flowing course, structured to help you gain as much information & relevant experience whilst helping prepare you for the exam"

Joshua Davies, Thames Water

santander logo
bmw Logo
Google Logo

Looking for more information on CRISC Training



Special Discounts




Thank you for your enquiry!

One of our training experts will be in touch shortly to go over your training requirements.



Press esc to close

close close

Back to course information

Thank you for your enquiry!

One of our training experts will be in touch shortly to go overy your training requirements.

close close

Thank you for your enquiry!

One of our training experts will be in touch shortly to go over your training requirements.