CRISC - Certified in Risk and Information Systems Control

CRISC Exam Preparatory Training

CRISC is the only certification that prepares and enables IT professionals for the unique challenges of  IT and enterprise risk management, and positions them to become strategic partners to the enterprise. 

CRISC is the most current and rigorous assessment available to evaluate the risk management proficiency of IT professionals and other employees within an enterprise or financial institute. 

Those who earn CRISC help enterprises to understand business risk, and have the technical knowledge to implement appropriate IS controls. 

CRISCs bring additional professionalism to any organization by demonstrating a quantifiable standard of knowledge, pursuing continuing education, and adhering to a standard of ethical conduct established by ISACA. 

Who should attend this CRISC training course? 

  • IT Professionals
  • Risk Professionals
  • Control Professionals
  • Business Analysts
  • Project Managers
  • Compliance Professionals
  • IS/IT Consultants 

Prerequisites / Qualifications for CRISC 

Experienced IT control or audit or security or risk management professionals.  There is no prerequisite to take the exam; however, in order to apply for certification you must meet the necessary experience requirements as determined by ISACA. 

CRISC Focus Areas 

  • Risk identification, assessment and evaluation
  • Risk response
  • Risk monitoring
  • IS control design and implementation
  • IS control monitoring and maintenance

Course Outline and Coverage

The following topics are general guidelines for the content covered in the class, and on the CRISC exam. However, other related topics may also appear on any specific delivery of the class and/or exams: 

  • Risk Identification, Assessment and Evaluation 

Identify, assess and evaluate risk to enable the execution of the enterprise risk management strategy 

  • Risk Response 

Develop and implement risk responses to ensure that risk factors and events are addressed in a cost-effective manner and in line with business objectives 

  • Risk Monitoring 

Monitor risk and communicate information to the relevant stakeholders to ensure the continued effectiveness of the enterprise’s risk management strategy 

  • Information Systems Control Design and Implementation 

Design and implement information systems controls in alignment with the organization’s risk appetite and tolerance levels to support business objectives

  •  Information Systems Control Monitoring and Maintenance 

Monitor and maintain information systems controls to ensure that they function effectively and efficiently 


  •  The exam consists of 200 multiple choice questions and is offered in the English language at hundreds of locations worldwide.
  • The content of the exam covers five content areas or domains, which are based on an extensive job practice analysis conducted by industry leaders and subject matter experts from around the world, and reflect the most current practices.
  • The five domains contain tasks and knowledge statements which depict the tasks performed in the field and the knowledge required to perform these tasks.
  • Exam candidates will be tested based on their practical knowledge associated with performing these tasks.


  • 4 days of class room training
  • Course ware hard copy
  • Exam question discussions
  • CPE/PDU certificate, as required
  • Unlimited on call support on exam related queries, study material etc.


We deliver CRISC exam preparatory training across the globe. Enquire the open house schedule or for corporate batches. 

Download the CRISC qualification brochure from ISACA website.


CRISC® is a registered trademark of ISACA