Your browser is not supported any more. Download your preferred modern browser and STAY secure!

CRISC Prep Course

Information Technology
Starting Soon
Online
Duration
27 Hours - 9 Sessions
Level
Advanced
Language
Greek
Price
€ 1,670.00

Pass the CRISC exam by attending our official CRISC Prep course with ISACA Accredited Trainers and full training-exam package offerings 

In this course, you will explore all four areas covered in the Certified in Risk and Information Systems Control (CRISC) exam. Introduced in 2010, CRISC certification is designed for IT and business practitioners responsible for recognizing and overseeing risks within information systems. This certification validates your proficiency in recognizing and handling IT risks at the enterprise level, as well as establishing and sustaining information systems safeguards.

With more than 145,000 members in over 180 countries, ISACA™ is a globally recognized leader in IT governance, control and assurance. 

This is the official CRISC Prep Course offered by by ISACA accredited trainers in accordance with ISACA’s Accredited Training Program.

The course provides an in-depth knowledge on the following four CRISC domains that are covered on the CRISC exam.

  • Domain 1 - IT Governance
  • Domain 2 - IT Risk Asssessment
  • Domain 3 - Risk Response and Reporting
  • Domain 4 - Information Technology and Security

New dates will be announced soon.


Premium Package

€1670 - What's included:

  • ISACA membership fee*
  • CRISC eManual
  • CRISC Q&A Database Annual Subscription*
  • Exam Fee* 
  • CRISC Prep Course (27 ώρες Live Online)

Prepayment is required at least 7 working days before the start of each preparation seminar.
*Valid for 1 year from date of voucher purchases.

Basic Package

€1120 - What's included:

  • ISACA membership fee*
  • CRISC eManual
  • CRISC Q&A Database Annual Subscription*
  • CRISC Prep Course (27 hours Live Online)

Prepayment is required at least 7 working days before the start of each preparation seminar
*Valid for 1 year from date of voucher purchase. Please contact us at 210-3680911, 210-3680907 to receive your discount coupon for the final fee of 1120 Euros..

Hellenic American Union offers the CRISC prep Course in co-operation with ES Learning. ES Learning is an international consulting and training services company based in Riyadh, and an Authorized Training Organization (ATO) of ISACA International.

ES-Learning is a specializing in capacity building and professionalization, by providing training programs in the following areas: Business Process Management, Facilitation through Trainings, Quality & Performance Management, Services Design, Strategy.

As ISACA'S ATOs, our partners meet ISACA's high training standards. Courses are taughted by accredited and certified trainers, follow ethical practices, and use ISACA's designated materials to make sure you get the most up to date training.

CRISC Prep course offers you the following:

  • 27 hours with a thorough overview and key points of the 5 domain areas of  the CISA Exam
  • 2 extra hours for a mock-up exam delivered within 2 months after the end of the course to refresh your knowledge
  • ISACA training material
  • Post-training access to the instructor for advice and support
  • Analysis of particular topics which are popular exam questions
  • Practice on the “Philosophy” of the examinations’ questions and testing conditions
  • Reference tools
  • 27 CPEs

CRISC is an exam that tests experience and experience cannot be taught.  However this course, will give you specific guidelines in your study by providing an overview of the core knowledge bases included in the CRISC examination ‘Body of Knowledge’.

Following each section, you will work through a series of sample questions to give you a "feel" for the format and the types of questions you will encounter.

The instructor will provide you with many reference tools and study guides, together with the official ISACA training material. You should continue to study the course materials and rehearse the sample questions after the course until the exam date. Practice with as many sample questions as you can is a key factor for succeeding in the test.

The CRISC certification is addressed to IT risk management experts who should have a minimum of three years of applicable professional experience in IT risk and information systems control, which includes roles such as:

  • Security Directors, Managers, or Consultants
  • Directors and Managers responsible for Compliance, Risk, and Privacy
  • IT Audit Directors, Managers, or Consultants
  • Staff members specializing in Compliance, Risk, and Control

Domain 1 - Governance (26% of exam)

The governance domain refers to a company's business and IT setups, its strategy, aims, and objectives. It also looks at how IT risks could affect the company's goals and operations, including things like Enterprise Risk Management and Risk Management Framework.

This domain includes:

A— Organizational Governance

  • Organizational Strategy, Goals, and Objectives
  • Organizational Structure, Roles and Responsibilities
  • Organizational Culture
  • Policies and Standards
  • Business Processes

B—Risk Governance

  • Enterprise Risk Management and Risk Management Framework
  • Three Lines of Defense
  • Risk Profile
  • Risk Appetite and Risk Tolerance
  • Legal, Regulatory and Contractual Requirements
  • Professional Ethics of Risk Management Organizational Assets

Domain 2 - IT Risk Assessment (20% of exam)

This domain will confirm your understanding of risks and weaknesses affecting the organization's personnel, procedures, and technology, along with assessing how likely these threats and vulnerabilities are to occur and the consequences they might have. This domain includes:

A—IT Risk Identification

  • Risk Events (e.g., contributing conditions, loss result)
  • Threat Modelling and Threat Landscape
  • Vulnerability and Control Deficiency Analysis (e.g., root cause analysis)
  • Risk Scenario Development

B—IT Risk Analysis and Evaluation

  • Risk Assessment Concepts, Standards and Frameworks
  • Risk Register
  • Risk Analysis Methodologies
  • Business Impact Analysis
  • Inherent and Residual Risk

Domain 3 - Risk Response and Reporting (32% of exam)

This domain focuses on creating and overseeing plans to address risks involving important parties, reviewing existing safeguards and enhancing their effectiveness in mitigating IT risks, and sharing appropriate risk and control information with relevant stakeholders.

A—Risk Reponse

  • Risk Treatment / Risk Response Options
  • Risk and Control Ownership
  • Third-Party Risk Management
  • Issue, Finding and Exception Management
  • Management of Emerging Risk

B—Control Design and Implementation

  • Control Types, Standards and Frameworks
  • Control Design, Selection and Analysis
  • Control Implementation
  • Control Testing and Effectiveness Evaluation

C—Risk Monitoring & Reporting

  • Risk Treatment Plans
  • Data Collection, Aggregation, Analysis and Validation
  • Risk and Control Monitoring Techniques
  • Risk and Control Reporting Techniques (heatmap, scorecards, dashboards)
  • Key Performance Indicators
  • Key Risk Indicators (KRIs)
  • Key Control Indicators (KCIs)

Domain 4 - Information Technology and Security (22% of exam)

Within this domain, we examine how well business practices align with Risk Management and Information Security frameworks and standards. We also assess the establishment of a culture that is conscious of risk and the implementation of security awareness training.

A—Information Technology Principles

  • Enterprise Architecture
  • IT Operations Management (e.g., change management, IT assets, problems, incidents)
  • Project Management
  • Disaster Recovery Management (DRM)
  • Data Lifecycle Management
  • System Development Life Cycle (SDLC)
  • Emerging Technologies

B—Information Security Principles

  • Information Security Concepts, Frameworks and Standards
  • Information Security Awareness Training
  • Business Continuity Management
  • Data Privacy and Data Protection Principles

Supporting Tasks

  • Collect and review existing information regarding the organization’s business and IT environments.
  • Identify potential or realized impacts of IT risk to the organization’s business objectives and operations.
  • Identify threats and vulnerabilities to the organization’s people, processes and technology.
  • Evaluate threats, vulnerabilities and risk to identify IT risk scenarios.
  • Establish accountability by assigning and validating appropriate levels of risk and control ownership.
  • Establish and maintain the IT risk register and incorporate it into the enterprise-wide risk profile.
  • Facilitate the identification of risk appetite and risk tolerance by key stakeholders.
  • Promote a risk-aware culture by contributing to the development and implementation of security awareness training.
  • Conduct a risk assessment by analyzing IT risk scenarios and determining their likelihood and impact.
  • Identify the current state of existing controls and evaluate their effectiveness for IT risk mitigation.
  • Review the results of risk analysis and control analysis to assess any gaps between current and desired states of the IT risk environment.
  • Facilitate the selection of recommended risk responses by key stakeholders.
  • Collaborate with risk owners on the development of risk treatment plans.
  • Collaborate with control owners on the selection, design, implementation and maintenance of controls.
  • Validate that risk responses have been executed according to risk treatment plans.
  • Define and establish key risk indicators (KRIs).
  • Monitor and analyze key risk indicators (KRIs).
  • Collaborate with control owners on the identification of key performance indicators (KPIs) and key control indicators (KCIs).
  • Monitor and analyze key performance indicators (KPIs) and key control indicators (KCIs).
  • Review the results of control assessments to determine the effectiveness and maturity of the control environment.
  • Report relevant risk and control information to applicable stakeholders to facilitate risk-based decision-making.
  • Evaluate alignment of business practices with risk management and information security frameworks and standards.

Mock Exam – Reviewing questions and answers

What our students say about us

The CRISC online course provided me with deep insights into the identification and management of IT risks, enhancing my ability to align IT with business objectives. Vasilis Monti - Network Security Engineer, OTE

You can register, or have your employer register you up to one day before the start date of the program if there are still available places. Add the program to the shopping basket. The first time you place an order you need to register. For company registrations please check the box “I am booking on behalf of my company”. Then, you fill out your personal details and you select an invoice or receipt to be issued. Then you must pay the tuition fee. Payment is available by: a) debit, prepaid, or credit card (interest-free installments will be visible if available), b) Bank payment ID, that you can use to pay at the bank or via ebanking, or c) IRIS and direct debiting your bank account.

Please note that once you successfully place your order you will receive an automated confirmation message. This does not mean that your registration is complete. Your place is reserved once you pay the relevant tuition fee. When payment is visible, we will contact you to confirm your registration.

Important: You can proceed directly with your order through our eshop for the Premium Package of 1670 Euros which provides you with everything you need for your preparation and exam fees. 

If you choose the Basic Package, please contact us at 210-3680911, or 210-3680907, or send an email to training@hau.gr to receive the corresponding discount coupon, so that you can forward your order through our eshop.

The seminar can be organized exclusively for your company, if there is a group of people who wishes to attend. The content, dates, and schedule will be tailored to your employees' needs. 

Blackboard is an elearning platform with its own web-based video conferencing tool, compatible with Mac, Windows, Linux, iOS, and Android, that allows users to meet and attend classes online. You can use Blackboard from your PC or laptop, but also from your iPad or smartphone. No need to download anything to access Blackboard. We will send you a step-by-step guide once you register. If you use your PC or laptop you will also need a webcam, microphone, and speaker. Most computers have a microphone and speaker, but you can also use a headset with a microphone for better sound quality.

Nikolaos Vasileiadis
CISM, CISA, CISSP, CDPSE, CRISC Managing Director, Tekpaths

Nikolaos is an ISACA Accredited Trainer and member of ISACA Athens Chapter, authorized to offer ISACA's Certification prep courses for CISA, CISM and CRISC.  Nikolaos works in the field ...

Learn more

You might be interested ...

Back to top