ISACA CERTIFIED IN RISK AND INFORMATION SYSTEMS CONTROL (CRISC) (SF) (SYNCHRONOUS ELEARNING)

Course Overview

The ISACA Certified in Risk and Information Systems Control (CRISC) course is a specialized training program designed for professionals seeking expertise in the field of risk management and information systems control. This comprehensive course begins by providing participants with a solid foundation in risk management principles, enabling them to identify, assess, and respond to risks effectively within the context of information systems. The curriculum covers the integration of risk management with information systems control, ensuring a holistic approach to safeguarding organizational assets.

The CRISC course places a strong emphasis on risk response and mitigation strategies, equipping participants with the skills needed to develop and implement risk treatment plans. Real-world case studies and practical scenarios are integrated throughout the course to enhance the application of theoretical concepts. The program concludes with a thorough review of key topics, preparing participants for the CRISC certification exam and providing them with a valuable credential in the field of risk and information systems control.

CRISC four-day course will prepare participants to sit for the CRISC certification examination.

Course Objectives

Upon completing this course, participants will gain a comprehensive, up-to-date and in-depth knowledge of the following:

• An understanding of the format and structure of the CRISC certification exam
• A knowledge of the various topics and technical areas covered by the exam
• Practice with specific strategies, tips and techniques for taking and passing the exam
• Opportunities to execute practice questions with debriefs of answers

Pre-requisites

Below are the certification requirements, if you are taking the course just for knowledge it is not mandatory to possess the below requirements:

• 1-3 years of experience in IT risk and/or security and audit
• Recommended to have Early career candidates: IT Risk Fundamentals certificate and CISA certification a plus before starting
• Appropriate managerial skills with knowledge of relevant tools and techniques
• Proficiency in English language equivalent to the GCE O Level is expected

*To find out more about certification, go to: https://www.isaca.org/credentialing/crisc/get-crisc-certified

• Hardware & Software
  • This course will be conducted as a Virtual Live Class (VLC) via Zoom platform.
  • Participants must own a Zoom account and have a laptop or a desktop with “Zoom Client for Meetings” installed. Download from zoom.us/download. 

System Requirement

Must-have: Please ensure that your computer or laptop meets the following requirements.  Operating system: Windows 10 or MacOS (64 bit or above)  Processor/CPU: 1.8 GHz, 2-core Intel Core i3 or higher  Minimum 20 GB hard disk space  Minimum 8 GB RAM  Webcam (camera must be turned on for the duration of the class)  Microphone  Internet Connection: Wired or Wireless broadband  Latest version of Zoom software to be installed on computer or laptop prior to the class.  Good-to-have:  Wired internet connection Wired internet will provide you with stable and reliable connection.  Dual monitors Using a dual monitor setup will undoubtedly improve your training experience, enabling you to simultaneously participate in hands-on exercises and maintain engagement with your instructor.  Not recommended:  Using tablets are not recommended due to their smaller screen size, which could cause eye strain and discomfort over the course of the program's duration.

Course Outline

Introduction to Certified in Risk and Information Systems Control (CRISC)

• Examination information and preparation techniques
• Understand how questions are structured
• Preparing for CRISC examination
• Certification Prerequisites, Application, Maintenance and Renewal

Domain 1 Governance

1. Organisational Governance

• Organizational Strategy, Goals, and Objectives
• Organizational Structure, Roles, and Responsibilities
• Organizational Culture
• Policies and Standards
• Business Processes
• Organizational Assets

2. Risk Governance

• Enterprise Risk Management and Risk Management Framework
• Three Lines of Defense
• Risk Profile
• Risk Appetite and Risk Tolerance
• Legal, Regulatory, and Contractual Requirements
• Professional Ethics of Risk Management

Domain 2 IT Risk Assessment

1. IT Risk Identification

• Risk Events
• Threat Modelling and Threat Landscape
• Vulnerability and Control Deficiency Analysis
• Risk Scenario Development

2. IT Risk Analysis, Evaluation & Assessment

• Risk Assessment Concepts, Standards, and Frameworks
• Risk Register
• Risk Analysis Methodologies
• Business Impact Analysis
• Inherent, Current and Residual Risk

Domain 3 Risk Response and Reporting

1. Risk Response
   • Risk and Control Ownership
   • Risk Treatment / Risk Response Options
   • Third-Party Risk Management
   • Issue, Finding, and Exception Management
   • Management of Emerging Risk
2. Control Design and Implementation

• Control Types, Standards, and Frameworks
• Control Design, Selection, and Analysis
• Control Implementation
• Control Testing and Effectiveness Evaluation

3. Risk Monitoring and Reporting

• Risk Treatment Plans
• Data Collection, Aggregation, Analysis, and Validation
• Risk and Control Monitoring Techniques
• Risk and Control Reporting Techniques
• Key Performance Indicators
• Key Risk Indicators
• Key Control Indicators

Domain 4 Information Technology and Security

1. Information Technology Principles

• IT Operations Management  
• Enterprise Resiliency
• Project Management
• Data Lifecycle Management
• System Development Life Cycle  
• Emerging Trends in Technology

2. Information Security Principles

• Information Security Concepts, Frameworks, and Standards
• Information Security Awareness Training
• Data Privacy and Principles of  Data Protection

Certificate Obtained and Conferred by

• Upon meeting the attendance and assessment(s) criteria, participants will be awarded with a digital Statement of Attainment (SOA), accredited by SkillsFuture Singapore. SOA will be reflected as [code name, ICT-SNA-4005-1.1 Business Risk Management].

• Upon meeting the attendance and assessment(s) criteria, participants will be awarded with a digital Certificate of Completion from NTUC LearningHub.

Additional Details

Medium of Instruction: English
Trainer to trainee ratio: 1:20
Mode of Delivery: <Virtual Live Class (VLC) via Zoom> or <Physical class>

Price

Course Fee and Government Subsidies
	Individual Sponsored		Company Sponsored
			Non-SME		SME
	Before GST	With GST	Before GST	With GST	Before GST	With GST
Full Course Fee (For Foreigners and those not eligible for subsidies)	$2,250.00	$2,452.50	$2,250.00	$2,452.50	$2,250.00	$2,452.50
For Singapore Citizens aged 39 years and below and For all Singapore Permanent Residents (The minimum age for individual sponsored trainees is 21 years)	$675.00	$735.75	$675.00	$735.75	$225.00	$285.75
For Singapore Citizens aged 40 years and above	$225.00	$285.75	$225.00	$285.75	$225.00	$285.75

 

Funding Eligibility Criteria

Individual Sponsored Trainee

Company Sponsored Trainee

Singapore Citizens or Singapore Permanent Residents From 1 October 2023, attendance-taking for SkillsFuture Singapore's (SSG) funded courses must be done digitally via the Singpass App. This applies to both physical and synchronous e-learning courses. Trainee must achieve at least 75% attendance. Trainee must pass all prescribed tests / assessments and attain 100% competency. NTUC LearningHub reserves the right to claw back the funded amount from trainee if he/she did not meet the eligibility criteria.

Singapore Citizens or Singapore Permanent Residents From 1 October 2023, attendance-taking for SkillsFuture Singapore's (SSG) funded courses must be done digitally via the Singpass App. This applies to both physical and synchronous e-learning courses.​ Trainee must achieve at least 75% attendance. Trainee must pass all prescribed tests / assessments and attain 100% competency. NTUC LearningHub reserves the right to claw back the funded amount from the employer if trainee did not meet the eligibility criteria.

Remarks

Individual Sponsored Trainee

Company Sponsored Trainee

SkillsFuture Credit:  Eligible Singapore Citizens can use their SkillsFuture Credit to offset course fee payable after funding. UTAP:  This course is eligible for Union Training Assistance Programme (UTAP). NTUC members can enjoy up to 50% funding (capped at $250 per year) under UTAP. PSEA: To check for Post-Secondary Education Account (PSEA) eligibility for this course, visit: (a) SkillsFuture (TGS-2023022084) for Virtual Learning Class (VLC) (b) SkillsFuture (TGS-2023022082) for Face-to-Face class Scroll down to “Keyword Tags” to verify for PSEA eligibility.  If there is “PSEA” under keyword tags, the course is eligible for PSEA.   And if there is no “PSEA” under keyword tags, the course is ineligible for PSEA.  Not all courses are eligible for PSEA funding.

Absentee Payroll (AP) Funding:  $4.50 per hour, capped at $100,000 per enterprise per calendar year. AP funding will be computed based on the actual number of training hours attended by the trainee. Note: Courses / Modules under Professional Conversion Programme (PCP) will not be eligible for AP funding claim.

Terms & Conditions apply. NTUC LearningHub reserves the right to make changes or improvements to any of the products described in this document without prior notice.

Prices are subject to other LHUB miscellaneous fees.