Certified in Risk and Information Systems Controls (CRISC)

Course Overview

This course is designed to assist and enhance the study process, this course will focus on identifying and evaluating entity-specific risk, understanding enterprises business objectives by designing, implementing, monitoring and maintaining risk-based, efficient and effective IS controls.  Each of the CRISC job domains will be discussed and attendees will become familiar with the CRISC exam question format.



5 days or 35 training hours.



Domain 1 – IT Risk Identification

Domain 2 – IT Risk Assessment

Domain 3 – Risk Response and Mitigation

Domain 4 – Risk and Control Monitoring and Reporting



Candidate must have a minimum of five years of information security experience, of which three or more years must be information security management work for certification purposes only however, for training purposes some basic knowledge in cybersecurity is recommended.


Target Audience

The CRISC certification was specifically created for risk and control professionals, which include:

  • IT professionals
  • Risk professionals
  • Control professionals
  • Business analysts
  • Project managers
  • Compliance professionals



By the end of this training you will:

Demonstrate efficiency in designing, implementing, monitoring and maintaining the IS controls of the enterprise.

Acquire the relevant knowledge and skills required to clear the CRISC certification exam

Earn the requisite 20 CPEs required to take up the CRISC certification exam

Develop a working knowledge of the 4 domains areas as prescribed by ISACA


Official Exam

Official exam and courseware are included.