语言切换
多种类型课程任你挑选
Various types of courses you choose
全部课程 Products
产品名称 CRISC认证培训
发布时间 2014-09-26
浏览人数 93
CRISC认证培训
日期: 2014-09-26 课程讲师 343788668 课程讲师
Course Description:Designed to assist and enhance the study process, this course will focus on identifying and evaluating entity-specific risk, understanding enterprises business objectives by designing, implementing, monitoring and maintaining risk-based, efficient and effective IS controls. Each of the CRISC job domains will be discussed and attendees will become familiar with the CRISC exam question format.Course Schedule – Topics & ActivitiesThe following five CRISC domains will be covered over four days of classes:Domain 1 - Risk Identification, Assessment and Evaluation Differentiate between risk management and risk governance Identify the roles and responsibilities for risk management Identify relevant standards, frameworks and practices Explain the meaning of key risk management concepts, including risk appetite and risk tolerance Differentiate between threats and vulnerabilities Apply risk identification, classification, quantitative / qualitative assessment and eval...
产品名称:

CRISC认证培训

上市日期: 2014-09-26
CRISC认证培训
  • CRISC认证培训
  • 课程价格:
    0
    RMB
  • 课程人气:
    93
  • 行业类别:
  • 专业类别:
  • 开课时间:
  • 开课地点:
定制下载附件表 点击下载
分享好友
在线预约
免费观看
关闭
课程介绍

 Course Description:
Designed to assist and enhance the study process, this course will focus on identifying and evaluating entity-specific risk, understanding enterprises business objectives by designing, implementing, monitoring and maintaining risk-based, efficient and effective IS controls. Each of the CRISC job domains will be discussed and attendees will become familiar with the CRISC exam question format.
Course Schedule – Topics & Activities
The following five CRISC domains will be covered over four days of classes:
Domain 1 - Risk Identification, Assessment and Evaluation
 Differentiate between risk management and risk governance
 Identify the roles and responsibilities for risk management
 Identify relevant standards, frameworks and practices
 Explain the meaning of key risk management concepts, including risk appetite and risk tolerance
 Differentiate between threats and vulnerabilities
 Apply risk identification, classification, quantitative / qualitative assessment and evaluation techniques
 Describe the key elements of the risk register
 Describe risk scenario development tools and techniques
 Help develop and support risk awareness training tools and techniques
 Relate risk concepts to risk assessment
Domain 2 - Risk Response
 List various parameters for risk response selection
 List the different risk response options

 Describe risk responses may be most suitable for a high-level risk scenario
 Describe how exception management relates to risk management
 Monitor existing risk.
 Report noncompliance and other changes in information risk
 Describe how residual risk relates to inherent risk and risk appetite
 Describe the need for performing a cost-benefit analysis when determining a risk response
 Describe the attributes of a business case to support project management
 Identify standards, frameworks and leading practices related to risk response
Domain 3 - Risk Monitoring
 As a result of completing this chapter, the CRISC candidate should be able to:
 Explain the principles of risk ownership.
 List common risk and compliance reporting requirements, tools and techniques.
 Describe various risk assessment methodologies.
 Differentiate between key performance indicators and Key Risk Indicators.
 Describe, at a high level, data extraction; aggregation; and, analysis tools and techniques.
 Differentiate between various types of processes to review organization’s risk monitoring process.
 List various standards, frameworks, and practices related to risk monitoring.
Domain 4 - Information Systems Control Design and Implementation
 List different control categories and their effects
 Judge control strength.
 Explain the importance of balancing control cost and benefit.
 Leverage understanding of the SDLC process to implement IS controls efficiently and effectively.
 Differentiate between the four high-level stages of the SDLC.

 Relate each SDLC phase to specific tasks and objectives.
 Apply core project management tools and techniques to the implementation of IS controls.
Domain 5 - Information Systems Control Monitoring and Maintenance
 Describe the purpose and levels of a maturity model as it applies to the risk management process.
 Compare different monitoring tools and techniques.
 Describe various testing and assessment tools and techniques.
 Explain how monitoring of IS controls relates to applicable laws and regulations
 Understand the need for control maintenance.

课程推荐
  • 名师:
    发布日期: 2014 - 09 - 26
    Course Description:Designed to assist and enhance the study process, this course will focus on identifying and evaluating entity-specific risk, understanding enterprises business objectives by designing, implementing, monitoring and maintaining risk-based, efficient and effective IS controls. Each of the CRISC job domains will be discussed and attendees will become familiar with the CRISC exam question format.Course Schedule – Topics & ActivitiesThe following five CRISC domains will be covered over four days of classes:Domain 1 - Risk Identification, Assessment and Evaluation Differentiat...
  • 名师:
    发布日期: 2013 - 09 - 13
    课程介绍:CISA (Certified Information Systems Auditor) 是一个以全球认可技术实务为基础的资格认证,作为信息系统管理与安全领域专业人员的首选资格证书,得到了全世界所有行业的广泛认可。 获得 CISA 资格证书有助于确立个人作为一名合格信息系统审计、控制和安全领域专业人才的声望。由于CISA计划所认证的个人,能够熟练掌握当今最急需的技能,雇主更愿意雇用和留住那些达到并能够保持资格证书所要求水平的人才。不论是希望提高工作业绩还是得到职务升迁或竞争新职位,拥有CISA资格证书都会使个人拥有他人无法企及的竞争优势。本课程将结合CISA讲师多年信息系统审计工作经验精讲,本课程将详细信息系统审计系统的流程、工具、方法等,案例的学习以及实践经验共享,帮助学员掌握信息系统审计的基本原则、思路,掌握审计技巧,扩展知识领域,提升管控水平。培训对象:lIT经理、信息安全经理l内控与合规人员l审计从业者和咨询顾问学员受益:l学习和了解信息系统审计系统l掌握信息系统审计的基本原则、思路,掌握审计技巧l有能力获得CISA国际认证认证考试:考试方式:纸笔考(中、文试卷自选其一)考试时长:4小时考试形式:200道多选题通过考试:满分:800分/通过:450分考试费用:4800(含发票)课程长度:5天(35学时)培训费用:5800.00元/人(费用包括教材,发票,午餐,茶点...
网站导航
在线留言
联系我们
站内搜索
  • 姓名:
  • *
  • 公司名称:
  • *
  • 地址:
  • *
  • 电话:
  • *
  • 传真:
  • *
  • E-mail:
  • *
  • 邮政编码:
  • *
  • 留言主题:
  • *
  • 内容:
  • *
     
Site:No.355,Huanghe Road Shanghai, 200040, China
电话:400-888-5228
E-mail:training@avtechcn.cn
QQ:343788668
Copyright ©2005 - 2013 上海艾威信息科技有限公司
犀牛云提供企业云服务



X
3

SKYPE 设置

4

阿里旺旺设置

2

MSN设置

5

电话号码管理

  • 400-888-5228
6

二维码管理

8

邮箱管理

展开
回到顶部