CRISC Cert Prep: 2 IT Risk Assessment
1h 51mIntermediate2022-01-18
Authors

Jerod Brennen
Security Architect, Advisor, Speaker, Teacher
Course details
The Certified in Risk and Information Control (CRISC) certification is an established, well-recognized credential from ISACA. A CRISC certification shows employers that you understand how to identify and manage IT risk in an enterprise and that you’re capable of implementing and maintaining the controls necessary to address risks. This series of courses explains the four IT risk management domains. In this course, instructor Jerod Brennen focuses on the second CRISC domain: IT Risk Assessment. Jerod covers basic risk assessment techniques, then goes into how you can dig deeper and determine risk rankings. He goes over how to analyze risk scenarios for your organizational structure, policies, technology, architecture, and more. Jerod discusses how to analyze the effectiveness of your current controls, including leveraging assessments and performing gap analysis. Jerod concludes with useful advice on communicating your risk assessment results and updating your risk register.
Skills covered
Security TestingVulnerability ManagementCybersecurityCert Prep
Concepts
0. Introduction
- 01 - IT risk assessment
1. Risk Assessment Fundamentals
- 02 - Basic risk assessment techniques
- 03 - Digging deeper
- 04 - Risk analysis methodologies
- 05 - Determine risk rankings
- 06 - Develop IT risk scenarios
- 07 - Perform threat modeling
2. Criteria-Based Analysis
- 08 - Analyze organizational structure
- 09 - Analyze policies, standards, and procedures
- 10 - Analyze technology
- 11 - Analyze architecture
- 12 - Analyze controls
3. Control Effectiveness
- 13 - Review historical data
- 14 - Leverage assessments
- 15 - Incorporate external information
- 16 - Perform a gap analysis
- 17 - Evaluate control effectiveness
4. Assessment Results
- 18 - Review risks
- 19 - Communicate risk assessment results
- 20 - Update the risk register
Conclusion
- 21 - Next steps
Related courses
- ISACA Certified in Risk and Information Systems Control (CRISC) Cert Prep
- CRISC Cert Prep: 1 Governance
- CRISC Cert Prep: 3 Risk Response and Reporting
- CRISC Cert Prep: The Basics
- CRISC Cert Prep: 4 Information Technology and Security
- VMware vSphere 7 Professional: 05 Updates and Upgrades
- VMware vSphere 7 Professional: 09 Troubleshooting, Backup, and Recovery
- VMware vSphere 7 Professional: 07 Resource Management
Related learn paths
- Prepare for the Certified in Risk and Information Systems Control (CRISC) Certification Exam (2021)
- Improve Your VMWare NSX-T Skills
- Prepare for the VMware Certified Professional: Data Center Virtualization (VPC-DCV) Exam
- Prepare for the VMware Certified Professional: Network Virtualization 2022 (VCP-NV) Certification Exam
- Prepare for the VMware Certified Professional: Data Center Virtualization 2022 (VCP-DCV) Certification Exam
- Explore Music Production
- Become a Recording Engineer
- Record Musical Instruments