Use this quick start guide to collect all the information about ISACA CRISC Certification exam. This study guide provides a list of objectives and resources that will help you prepare for items on the ISACA Risk and Information Systems Control (CRISC) exam. The Sample Questions will help you identify the type and difficulty level of the questions and the Practice Exams will make you familiar with the format and environment of an exam. You should refer this guide carefully before attempting your actual ISACA Certified in Risk and Information Systems Control (CRISC) certification exam.
The ISACA CRISC certification is mainly targeted to those candidates who want to build their career in IT Risk management domain. The ISACA Certified in Risk and Information Systems Control (CRISC) exam verifies that the candidate possesses the fundamental knowledge and proven skills in the area of ISACA Risk and Information Systems Control.
ISACA CRISC Exam Summary:
| Exam Name | ISACA Certified in Risk and Information Systems Control (CRISC) |
| Exam Code | CRISC |
| Exam Price ISACA Member | $575 (USD) |
| Exam Price ISACA Nonmember | $760 (USD) |
| Duration | 240 mins |
| Number of Questions | 150 |
| Passing Score | 450/800 |
| Books / Training |
Conferences In-person training Online training Careers Accredited partner training Customized training |
| Schedule Exam | Exam Registration |
| Sample Questions | ISACA CRISC Sample Questions |
| Practice Exam | ISACA CRISC Certification Practice Exam |
ISACA Risk and Information Systems Control Exam Syllabus Topics:
| Topic | Details | Weights |
|---|---|---|
| Governance |
- The governance domain interrogates your knowledge of information about an organization’s business and IT environments, organizational strategy, goals and objectives, and examines potential or realized impacts of IT risk to the organization’s business objectives and operations, including Enterprise Risk Management and Risk Management Framework.
A. Organizational Governance
B. Risk Governance
|
26% |
| IT Risk Assessment |
- This domain will certify your knowledge of threats and vulnerabilities to the organization’s people, processes and technology as well as the likelihood and impact of threats, vulnerabilities and risk scenarios.
A. IT Risk Identification
B. IT Risk Analysis and Evaluation
|
20% |
| Risk Response and Reporting |
- This domain deals with the development and management of risk treatment plans among key stakeholders, the evaluation of existing controls and improving effectiveness for IT risk mitigation, and the assessment of relevant risk and control information to applicable stakeholders.
A. Risk Response
B. Control Design and Implementation
C. Risk Monitoring and Reporting
|
32% |
| Information Technology and Security |
- In this domain we interrogate the alignment of business practices with Risk Management and Information Security frameworks and standards, as well as the development of a risk-aware culture and implementation of security awareness training.
A. Information Technology Principles
B. Information Security Principles
|
22% |
To ensure success in ISACA Risk and Information Systems Control certification exam, we recommend authorized training course, practice test and hands-on experience to prepare for ISACA Risk and Information Systems Control (CRISC) exam.