NTUC LearningHub

Course Objectives

 

Upon completing this course, participants will gain a comprehensive, up-to-date and in-depth knowledge of the following:

  • An understanding of the format and structure of the CRISC certification exam
  • A knowledge of the various topics and technical areas covered by the exam
  • Practice with specific strategies, tips and techniques for taking and passing the exam
  • Opportunities to execute practice questions with debriefs of answers

 

Pre-requisites

 

Below are the certification requirements. If you are taking the course just for knowledge, it is not mandatory to meet them:

 

  • 1-3 years of experience in IT risk and/or security and audit
  • Recommended for early-career candidates: IT Risk Fundamentals certificate; CISA certification is a plus before starting
  • At least a graduate degree qualification, with or without a major (honours)
  • Appropriate managerial skills with knowledge of relevant tools and techniques
  • Proficiency in English language equivalent to the GCE O Level is expected

 

*To find out more about certification, go to: https://www.isaca.org/credentialing/crisc/get-crisc-certified

 

  • Hardware & Software
    • This course will be conducted as a Virtual Live Class (VLC) via Zoom platform.
    • Participants must own a Zoom account and have a laptop or a desktop with “Zoom Client for Meetings” installed. Download from zoom.us/download.
System Requirements
Must-have:

Please ensure that your computer or laptop meets the following requirements.

  • Operating system: Windows 10 or macOS (64-bit or above)
  • Processor/CPU: 1.8 GHz, 2-core Intel Core i3 or higher
  • Minimum 20 GB hard disk space
  • Minimum 8 GB RAM
  • Webcam (camera must be turned on for the duration of the class)
  • Microphone
  • Internet Connection: Wired or Wireless broadband
  • Latest version of Zoom software to be installed on computer or laptop prior to the class.

Good-to-have:

  • Wired internet connection
    Wired internet will provide you with a stable and reliable connection.
  • Dual monitors
    Using a dual monitor setup will undoubtedly improve your training experience, enabling you to simultaneously participate in hands-on exercises and maintain engagement with your instructor.

Not recommended:
Using tablets is not recommended due to their smaller screen size, which could cause eye strain and discomfort over the duration of the program.

 

 

Course Outline

 

Introduction to Certified in Risk and Information Systems Control (CRISC)

  • Examination information and preparation techniques
  • Understand how questions are structured
  • Preparing for CRISC examination
  • Certification Prerequisites, Application, Maintenance and Renewal

Domain 1 Governance

  1. Organisational Governance
    • Organizational Strategy, Goals, and Objectives
    • Organizational Structure, Roles, and Responsibilities
    • Organizational Culture
    • Policies and Standards
    • Business Processes
    • Organizational Assets
  2. Risk Governance
    • Enterprise Risk Management and Risk Management Framework
    • Three Lines of Defense
    • Risk Profile
    • Risk Appetite and Risk Tolerance
    • Legal, Regulatory, and Contractual Requirements
    • Professional Ethics of Risk Management

 

Domain 2 IT Risk Assessment

  1. IT Risk Identification
    • Risk Events
    • Threat Modelling and Threat Landscape
    • Vulnerability and Control Deficiency Analysis
    • Risk Scenario Development
  2. IT Risk Analysis, Evaluation & Assessment
    • Risk Assessment Concepts, Standards, and Frameworks
    • Risk Register
    • Risk Analysis Methodologies
    • Business Impact Analysis
    • Inherent, Current and Residual Risk

 

Domain 3 Risk Response and Reporting

  1. Risk Response
    • Risk and Control Ownership
    • Risk Treatment / Risk Response Options
    • Third-Party Risk Management
    • Issue, Finding, and Exception Management
    • Management of Emerging Risk
  2. Control Design and Implementation
    • Control Types, Standards, and Frameworks
    • Control Design, Selection, and Analysis
    • Control Implementation
    • Control Testing and Effectiveness Evaluation
  3. Risk Monitoring and Reporting
    • Risk Treatment Plans
    • Data Collection, Aggregation, Analysis, and Validation
    • Risk and Control Monitoring Techniques
    • Risk and Control Reporting Techniques
    • Key Performance Indicators
    • Key Risk Indicators
    • Key Control Indicators

 

Domain 4 Information Technology and Security

  1. Information Technology Principles
    • IT Operations Management
    • Enterprise Resiliency
    • Project Management
    • Data Lifecycle Management
    • System Development Life Cycle
    • Emerging Trends in Technology
  2. Information Security Principles
    • Information Security Concepts, Frameworks, and Standards
    • Information Security Awareness Training
    • Data Privacy and Principles of Data Protection

 

Certificate Obtained and Conferred by

 

  • Upon meeting the attendance and assessment(s) criteria, participants will be awarded with a digital Statement of Attainment (SOA), accredited by SkillsFuture Singapore. SOA will be reflected as [code name, ICT-SNA-4005-1.1 Business Risk Management].

 

  • Upon meeting the attendance and assessment(s) criteria, participants will be awarded with a digital Certificate of Completion from NTUC LearningHub.