Thank you for your enquiry!

One of our training experts will be in touch shortly to go over your training requirements.



Press esc to close

close close

Back to course information

Thank you for your enquiry!

One of our training experts will be in touch shortly to go overy your training requirements.

close close

Thank you for your enquiry!

One of our training experts will be in touch shortly to go over your training requirements.

CRISC Training

Online Instructor-led (3 days)

Online Self-paced (24 hours)

Certified Risk and Information Systems Control (CRISC) Course Outline

Domain 1: Governance

Module 1: Organisational Governance

  • Organisational Strategy, Goals and Objectives
  • Organisational Structure, Roles and Responsibilities
  • Organisational Culture
  • Policies and Standards
  • Business Process Review
  • Organisational Assets

Module 2: Risk Governance

  • Enterprise Risk Management and Risk Management Frameworks
  • Three Lines of Defence
  • Risk Profile
  • Risk Appetite, Tolerance and Capacity
  • Legal, Regulatory and Contractual Requirements
  • Professional Ethics of Risk Management

Domain 2: IT Risk Assessment

Module 3: IT Risk Identification

  • Risk Events
  • Threat Modelling and Threat Landscape
  • Vulnerability and Control Deficiency Analysis
  • Risk Scenario Development

Module 4: IT Risk Analysis, Evaluation and Assessment

  • Risk Assessment Concepts, Standards and Frameworks
  • Risk Register
  • Risk Analysis Methodologies
  • Business Impact Analysis
  • Inherent, Residual and Current Risk

Domain 3: Risk Response and Reporting

Module 5: Risk Response

  • Risk and Control Ownership
  • Risk Treatment/Risk Response Options
  • Third Party Risk Management
  • Issue, Finding and Expectation Management
  • Management of Emerging Risk

Module 6: Control, Design and Implementation

  • Control Types, Standards and Frameworks
  • Control Design, Selection and Analysis
  • Control Implementation
  • Control Testing and Effectiveness Evaluation

Module 7: Risk Monitoring and Reporting

  • Risk Treatment Plans
  • Data Collection, Aggregation, Analysis and Validation
  • Risk and Control Monitoring Techniques
  • Key Performance Indicators
  • Key Risk Indicators
  • Key Control Indicators

Domain 4: Information Technology and Security

Module 8: Information Technology Principles

  • Enterprise Architecture
  • IT Operations Management
  • Project Management
  • Enterprise Resiliency
  • Data Life Cycle Management
  • System Development Life Cycle
  • Emerging Trends in Technology

Module 9: Information Security Principles

  • Information Security Concepts, Frameworks and Standards
  • Information Security Awareness Training
  • Data Privacy and Principles of Data Protection

Show moredown



There are no formal prerequisites for attending this Certified in Risk and Information Systems Control (CRISC) training course.


This training course is ideal for anyone who wants to develop their knowledge and skills of managing IT risk and information security controls within their organisation successfully.

Certified Risk and Information Systems Control (CRISC) Course Overview

CRISC (Certified in Risk and Information Systems Control) is an enterprise risk management certification for IT professionals. It helps them to acquire skills and knowledge for identifying and managing enterprise IT risk. CRISC focuses on the organisational framework for managing and mitigating risk across business processes and technology. This CRISC training course aims to provide delegates with valuable technical skills, ensuring success and prosperity in the empire of IT security. Pursuing this CRISC training will help individuals to develop and establish their useful and preferred IT security careers worldwide.

In this 3-day Certified in Risk and Information Systems Control (CRISC) training course, delegates will gain in-depth knowledge about the methods and processes associated with risk identification, risk analysis, responding to risk, and controlling risk. During this training, delegates will cover various concepts such as organisational governance, IT risk assessment, risk response, project management, enterprise resiliency, information technology and security, business impact analysis, etc. This certification is designed to help professionals refresh their previous knowledge and gain new skills. Our highly experienced Risk Management experts have tailored this CRISC training course, especially to meet the needs and demands of the IT industry.

Delegates will also cover various topics such as:

  • IT risk identification
  • Organisational assets
  • Risk governance
  • Enterprise architecture
  • Project management
  • Information security principles

At the end of this training, delegates will be able to identify and manage risks within an organisation successfully. They will also be able to apply information security concepts, frameworks and standards within an organisation efficiently. Holding the required expertise and knowledge of CRISC domains will help individuals to grow their careers as risk professionals and also provide value to their company.

Show moredown

Certified Risk and Information Systems Control (CRISC) Exam Information

This training course does not include the CRISC exam; this must be booked separately via ISACA. The exam tests delegate's knowledge of the four CRISC domains: Risk Identification, Risk Assessment, Risk Response and Mitigation, and Risk and Control Monitoring and Reporting. It is marked using a 200-800 point scale, with 450 being the passing mark. The Certified Risk and Information Systems Control examination is a CBT (Computer-Based Testing) exam, which has 3 testing windows per year. For more information, visit ISACA.

What’s Included in this CRISC Training Course?

This course will include:

  • The Knowledge Academy’s Certified in Risk and Information Systems Control (CRISC) Courseware
  • Experienced Instructor
  • Certificate of Completion
  • Refreshments

Show moredown

Not sure which course to choose?

Speak to a training expert for advice if you are unsure of what course is right for you. Give us a call on +44 1344 203999 or Enquire.

Package deals

Our training experts have compiled a range of course packages to compliment a variety of categories in order to help fast track your career. The packages consist of the best possible qualifications in each industry and allows you to purchase multiple courses at a discounted rate.

Swipe for more. Don’t miss out!

CRISC Training FAQs


Please arrive at the venue at 8:45am.
Please see our CRISC Training courses available in Philippines
The Knowledge Academy is the Leading global training provider for CRISC Training.
The price for CRISC Training certification in Philippines starts from $.

Why we're the go to training provider for you


Best price in the industry

You won't find better value in the marketplace. If you do find a lower price, we will beat it.


Trusted & Approved

We are accredited by PeopleCert on behalf of AXELOS


Many delivery methods

Flexible delivery methods are available depending on your learning style.


High quality resources

Resources are included for a comprehensive learning experience.

barclays Logo
deloitte Logo
Thames Water Logo

"Really good course and well organised. Trainer was great with a sense of humour - his experience allowed a free flowing course, structured to help you gain as much information & relevant experience whilst helping prepare you for the exam"

Joshua Davies, Thames Water

santander logo
bmw Logo
Google Logo

Looking for more information on CRISC Training