Publication date : 12/24/2024
Course : CRISC®, IS risk management, ISACA certification preparation
Practical course - 4d
- 28h00 - Ref. CKR
|
Download in PDF format
Share this course by email
 | Mastering the CRISC risk management approach |
| Apply the best strategies for responding to risks to the information system |
| Use best practices for risk monitoring |
| Define information system controls |
| Use best practices to monitor and maintain these controls |
Intended audience
Les personnes expérimentées dans la gestion des risques informatiques et la conception, la mise en
œuvre, le suivi et la maintenance des contrôles SI.
œuvre, le suivi et la maintenance des contrôles SI.
Prerequisites
Trois ans ou plus d'expérience dans la gestion des risques informatiques et le contrôle des SI.
Aucune renonciation ou substitution d'expérience acceptée.
Aucune renonciation ou substitution d'expérience acceptée.
Course schedule
1 Area 1: Governance
- Risk assessment concepts, standards and frameworks.
- Organizational strategy, goals and objectives.
- Organizational structure, roles and responsibilities.
- Organizational culture and assets.
- Operational policies, standards and processes.
- Enterprise risk management, risk management frameworks and three lines of defense.
- Risk profile, risk appetite and tolerance.
- Navigating the ethics of risk management and the requirements of laws, regulations and controls.
2 Area 2: IT risk assessment
- Risk events, threat modeling and threat landscape.
- Vulnerability and control deficiency analysis.
- Development of risk scenarios.
- Risk register.
- Risk analysis methodologies.
- Business impact analysis.
- Inherent, residual and current risk.
3 Area 3: Risk response and reporting
- Risk treatment/risk response options.
- Ownership of risk and control.
- Managing risks related to processes, third parties and emerging sources.
- Control types, standards and frameworks.
- Control design, selection and analysis.
- Implementation, testing and effectiveness of controls.
- Risk management plans.
- Data collection, aggregation, analysis and validation.
- Risk and control monitoring and reporting techniques.
- Performance, risk and control measures.
4 Area 4: Information technology and security
- Enterprise architecture.
- IT operations management.
- Project management.
- Disaster recovery management (DRM).
- Data lifecycle management.
- System Development Life Cycle (SDLC).
- Emerging technologies.
- Information security concepts, frameworks and standards.
- Information security awareness training.
- Business continuity management.
- Principles of confidentiality and data protection.
Options
Certification : 780 € HT
The exam consists of 150 multiple-choice questions in English, and takes 4 hours to complete. It is available online and recorded.
Customer reviews
4,4 / 5
Customer reviews are based on end-of-course evaluations. The score is calculated from all evaluations within the past year. Only reviews with a textual comment are displayed.
CYRILLE B.
09/12/25
5 / 5
Formateur multi-competence. Contenu illustré avec des domaines connexe.
OLIVIER D.
09/12/25
4 / 5
Formateur compétent et à l écoute des stagiaires.
OLIVIER G.
09/12/25
4 / 5
Les supports de formation n’ont pas été communiqués avant la formation. Pas de support papier.Le temps accordé pour la formation est trop court. Une journée supplémentaire aurait été nécessaire, permettant ainsi de faire des exercices ou des QCM. Le format actuel ne permet pas non plus de faire un examen blanc. C’est dommage pour une formation préparant à un examen.
PARTICIPANTS
Les personnes expérimentées dans la gestion des risques informatiques et la conception, la mise en
œuvre, le suivi et la maintenance des contrôles SI.
PREREQUISITES
Trois ans ou plus d'expérience dans la gestion des risques informatiques et le contrôle des SI.
Aucune renonciation ou substitution d'expérience acceptée.
TRAINER QUALIFICATIONS
The experts leading the training are specialists in the covered subjects. They have been approved by our instructional teams for both their professional knowledge and their teaching ability, for each course they teach. They have at least five to ten years of experience in their field and hold (or have held) decision-making positions in companies.
ASSESSMENT TERMS
The trainer evaluates each participant’s academic progress throughout the training using multiple choice, scenarios, hands-on work and more.
Participants also complete a placement test before and after the course to measure the skills they’ve developed.
TERMS AND DEADLINES
Registration must be completed 24 hours before the start of the training.
ACCESSIBILITY FOR PEOPLE WITH DISABILITIES
Do you need special accessibility accommodations? Contact Mrs. Fosse, Disability Manager, at psh-accueil@orsys.fr to review your request and its feasibility.
Les personnes expérimentées dans la gestion des risques informatiques et la conception, la mise en
œuvre, le suivi et la maintenance des contrôles SI.
PREREQUISITES
Trois ans ou plus d'expérience dans la gestion des risques informatiques et le contrôle des SI.
Aucune renonciation ou substitution d'expérience acceptée.
TRAINER QUALIFICATIONS
The experts leading the training are specialists in the covered subjects. They have been approved by our instructional teams for both their professional knowledge and their teaching ability, for each course they teach. They have at least five to ten years of experience in their field and hold (or have held) decision-making positions in companies.
ASSESSMENT TERMS
The trainer evaluates each participant’s academic progress throughout the training using multiple choice, scenarios, hands-on work and more.
Participants also complete a placement test before and after the course to measure the skills they’ve developed.
TEACHING AIDS AND TECHNICAL RESOURCES
• The main teaching aids and instructional methods used in the training are audiovisual aids, documentation and course material, hands-on application exercises and corrected exercises for practical training courses, case studies and coverage of real cases for training seminars.
• At the end of each course or seminar, ORSYS provides participants with a course evaluation questionnaire that is analysed by our instructional teams.
• A check-in sheet for each half-day of attendance is provided at the end of the training, along with a course completion certificate if the trainee attended the entire session.
• The main teaching aids and instructional methods used in the training are audiovisual aids, documentation and course material, hands-on application exercises and corrected exercises for practical training courses, case studies and coverage of real cases for training seminars.
• At the end of each course or seminar, ORSYS provides participants with a course evaluation questionnaire that is analysed by our instructional teams.
• A check-in sheet for each half-day of attendance is provided at the end of the training, along with a course completion certificate if the trainee attended the entire session.
TERMS AND DEADLINES
Registration must be completed 24 hours before the start of the training.
ACCESSIBILITY FOR PEOPLE WITH DISABILITIES
Do you need special accessibility accommodations? Contact Mrs. Fosse, Disability Manager, at psh-accueil@orsys.fr to review your request and its feasibility.
Dates and locations
Select your location or opt for the remote class then choose your date.
Remote class
Dernières places
Date garantie en présentiel ou à distance
Session garantie