COURSES CATALOG

Certified in Risk and Information Systems Control - TH

DURATION

3 Days

PRICE LIST

49,000 Baht (exclusive of 7% VAT)
Special Offer: Contact us

This 3-day course is not an official ISACA training course; however, it is led by a Certified in Risk and Information Systems Control (CRISC) holder with over a decade of experience and familiarity with ISACA resources. The training material is built from the latest version of the review manual and QAE books but reorganized into an easy-to-understand format.

Preparing for ISACA's CRISC examination

Day 1

  • About ISACA
  • Knowledge structure
  • Domain 1 – Governance
    • Organizational Strategy, Goals and Objectives
    • Organizational Structure, Roles and Responsibilities
    • Organizational Culture
    • Policies and Standards
    • Business Process Review
    • Organizational Assets
    • Enterprise Risk Management and Risk Management Frameworks
    • Three Lines of Defense
    • Risk Profile
    • Risk Appetite, Tolerance and Capacity
    • Legal, Regulatory and Contractual Requirements
    • Professional Ethics of Risk Management
  • Sample questions

 

Day 2

  • Domain 2 – IT Risk Assessment
    • Risk Events
    • Threat Modeling and Threat Landscape
    • Vulnerability and Control Deficiency Analysis
    • Risk Scenario Development
    • Risk Assessment Concepts, Standards and Frameworks
    • Risk Register
    • Risk Analysis Methodologies
    • Business Impact Analysis
    • Inherent, Residual and Current Risk
  • Domain 3 – Risk Response and Reporting
    • Risk and Control Ownership
    • Risk Treatment/Risk Response Options
    • Third-party Risk Management
    • Issue, Finding and Exception Management
    • Management of Emerging Risk
  • Sample questions

 

Day 3

  • Domain 3 – Risk Response and Reporting (continued)
    • Control Types, Standards and Frameworks
    • Control Design, Selection and Analysis
    • Control Implementation
    • Control Testing and Effectiveness Evaluation
    • Risk Treatment Plans
    • Data Collection, Aggregation, Analysis and Validation
    • Risk and Control Monitoring Techniques
    • Risk and Control Reporting Techniques
    • Key Performance Indicators
    • Key Risk Indicators
    • Key Control Indicators
  • Domain 4 – Information Technology and Security
    • Enterprise Architecture
    • IT Operations Management
    • Project Management
    • Enterprise Resiliency
    • Data Life Cycle Management
    • System Development Life Cycle
    • Emerging Trends in Technology
    • Information Security Concepts, Frameworks and Standards
    • Information Security Awareness Training
    • Data Privacy and Principles of Data Protection
  • Sample questions
  • Recommendation on exam preparation