Chat with us, powered by LiveChat


CRISC - Certified in Risk and Information Systems Control

Certified in Risk and Information Systems Control Boot Camp

Secure Ninja's (5) five-day CRISC training and certification boot camp in Washington, DC, San Diego, CA or Live Online provides the necessary skills for IT and business professionals seeking a reinforced management position. This immersion course brings the essential material to these professionals in the 5 job practice domains. These areas and statements were developed by the CRISC® Task Force and represent a job practice analysis of the work performed in risk identification, assessment, evaluation, response, and monitoring and in the design, implementation, monitoring, and maintenance of information system controls. The domains are as follows: 

  • Domain 1: Risk Identification, Assessment, and Evaluation  
  • Domain 2: Risk Response  
  • Domain 3: Risk Monitoring  
  • Domain 4: Information Systems Control Design and Implementation  
  • Domain 5: IS Control Monitoring and Maintenance  

CRISC is the only certification that prepares and enables IT professionals for the unique challenges of IT and enterprise risk management and positions them to become strategic partners to the enterprise. Our CISM certification training program will teach you the necessary requirements to pass the CRISC® exam via in-depth lectures, discussions, demos and much more.

CRISC is a top paying certification - $118,253 - see below


Those looking for:

  • A prestigious, lifelong symbol of knowledge and expertise as a risk professional.
  • Increased value to your organization as it seeks to manage IT risk.
  • A competitive advantage over peers when seeking job growth.
  • Access to ISACA's global community of knowledge and the most up-to-date thinking on IT risk management.
  • Achievement of a high professional standard through ISACA’s requirements for continuing education and ethical conduct.
Job Roles include:
  • IT professionals.
  • Risk professionals.
  • Control professionals.
  • Business analysts.
  • Project managers.
  • Compliance professionals.


To register for the exam, individuals must provide evidence of appropriate work experience in risk management and information system control as defined by the CRISC® job practice.


  • CRISC Review Manual 2015 by ISACA
  • CRISC Review Questions, Answers & Explanations Manual 2015 by ISACA


  • 40 Hours


The CRISC® exam consists of 200 items taken over a 4-hour period.

Candidate scores are reported as a scaled score. A scaled score is a conversion of a candidate's raw score on an exam to a common scale. ISACA uses and reports scores on a common scale from 200 to 800.

A candidate must receive a score of 450 or higher to pass the exam. A score of 450 represents a minimum consistent standard of knowledge as established by ISACA's CRISC® Certification Committee.

A candidate receiving a passing score may then apply for certification the following requirements are met including:

  • Adhering to the ISACA Code of Professional Ethics.
  • Agreeing to comply with the CRISC® Continuing Education Policy.
  • Risk management and information systems control experience

Key 2019 Exam Registration Dates:  

October 1st, 2018 - January 24th, 2019 Testing Window
1 July 2018 Registration and Scheduling Opens
18 January 2019 Final Registration Deadline

February 1st, 2019 - May 24th, 2019 Testing Window
May 18th, 2019 Final registration deadline
May 23rd Final scheduling deadline


  • CISA


Day 1 - Risk identification, assessment, and evaluation
  • Intro to Risk Management
  • System Development Life Cycles
  • Understanding the enterprise
  • Legal, regulatory and contractual requirements
  • Working with stakeholders
  • Asset management
  • Information threats
  • Vulnerability analysis
  • Understanding impacts
  • Validating risk appetite and tolerance

Day 2 - Risk Response & Risk Monitoring
  • Develop and implement risk responses
  • Evaluating risk response options
  • Validation of efficiency, effectiveness, and economy
  • Developing of the risk profile
  • Developing of business cases
  • Collect and validate data that measure key risk indicators (KRIs)
  • Facilitating independent risk assessments and process reviews
  • Identifying and reporting

Day 3 - Information Systems Control Design and Implementation

  • Understanding of the business process objectives
  • Design information systems controls
  • Facilitate the identification of resource
  • Ensuring implementation within time, budget and scope
  • Provide progress reports
  • Implementing information systems controls
  • Identification of metrics and key performance indicators (KPIs)
  • Assess and recommend tools
Day 4 - Control Monitoring and Maintenance
  • Plan, supervise and conduct testing
  • Review information systems policies, standards, and procedures
  • Using CMMI to evaluate the current state of information systems processes
  • Correcting information systems control deficiencies and maturity gaps
  • Provide information systems control status  
Day 5 – Review and Practice Test
  • Understanding multiple-choice exams strategies
  • Time management for exam
  • Practice test and reviewing answers

News Flash: CRISC is a Top-Paying Certification

Certified in Risk and Information Systems Control (CRISC) - $118,253

The non-profit group ISACA offers CRISC certification, much in the way that CompTIA manages the A+ and Network+ certifications. Formerly, "ISACA" stood for Information Systems Audit and Control Association, but now they've gone acronym only.

The CRISC certification is designed for IT professionals, project managers, and others whose job it is to identify and manage risks through appropriate Information Systems (IS) controls, covering the entire lifecycle, from design to implementation to ongoing maintenance. It measures two primary areas: risk and IS controls. Similar to the IS control lifecycle, the risk area spans the gamut from identification and assessment of the scope and likelihood of a particular risk to monitoring for it and responding to it if/when it occurs.

Since CRISC's introduction in 2010, more than 17,000 people worldwide have earned this credential, The demand for people with these skills and the relatively small supply of those who have them result in this being the highest salary for any certification on our list this year.

To obtain CRISC certification, you must have at least three years of experience in at least three of the five areas that the certification covers, and you must pass the exam, which is only offered twice a year. This is not a case where you can just take a class and get certified. Achieving CRISC certification requires effort and years of planning.

Source: 2014 IT Skills and Salary Survey conducted by GK and Penton Media


ISACA’s CRISC Certification Wins 2013 Best Professional Certification Award from SC Magazine

logo CRISC - Certified in Risk and Information Systems Control Course Info.
Start Date End Date Location Days In Person Online
Jul. 15, 2024 Jul. 19, 2024 Alexandria, VA
Eastern Time
(5 Days)
Register Register
Oct. 14, 2024 Oct. 18, 2024 Alexandria, VA
Eastern Time
(5 Days)
Register Register

Not able to attend public scheduled classes? No problem, let us come to you to train your staff on-site on CRISC (Certified in Risk and Information Systems Control)