ISACA Authorized

Certified in Risk and Information Systems Control (CRISC)

15,19,20,21,22

Demonstrating top-most knowledge and expertise in field of risk management
Finest courseware material to prepare you for the exam
Excellent training sessions explaining best techniques and methodology of the course

Group Enrollment with Friends or Colleagues | Get a quote

Certified in Risk and Information Systems Control (CRISC) training context photo

4,371 Ratings

11.4K

Learners

Official Training Partner

ISACA

Course Overview

Certified in Risk and Information Systems Control (CRISC) Course Overview

As the name goes the Certified Risk Information Systems Control training course provides delegates with essential technical skills which can ensure them success in the field of IT security. Attaining this certification is a representation of stronger proficiency and expertise in the realm of security operations.

Today the demand for CRISC certified candidates is growing and in past few years this has been established as one of the most desirable IT certifications worldwide. With 3-4 days of training at Live Learnfly the delegates with attain excellence in methods and processes associated with risk identification, risk analysis and controlling risk.

Certified in Risk and Information Systems Control (CRISC) Course Key Features

100% Money Back Guarantee

Official courseware + exam voucher included
Live online + classroom format options
Hands-on labs and real-world case studies
Simulation tests at the end of training
Up-to-date curriculum aligned to the latest exam version
Includes 5 mock exams, 150 questions each
24×7 learner assistance and support
30-day re-attendance guarantee

Skills Covered

Risk management & governance
Identity and access management
Security architecture & engineering
Communication and network security
Asset security
Security assessment & testing
Security operations
Software development security

Next Cohort Starts On 30 Jun

Days: --
Hours: --
Minutes: --
Seconds: --

Corporate Training

Enterprise training for teams — private cohorts, custom curriculum, L&D reporting.

Explore corporate plans

Benefits

Why this certification pays off

Certified professionals in this domain are in active demand across IT services, banking, and government. Click a designation to see the salary range and the companies hiring most actively for that role.

Designation

Annual Salary (USD)

Source: Glassdoor (indicative)

Hiring Companies

IBM
Vodafone
Cisco
Accenture
Deloitte
TCS

Source: Indeed

Training Options

Pick the format that fits your week

Three ways to take this course — all include official courseware, hands-on labs, and full certification support.

Preferred
Online Bootcamp
Live Instructor-Led
Live cohort over Zoom/Teams.
- Flexi Pass: reschedule within 90 days
- Live online classes recorded for later review
- Includes self-paced e-learning content
- 24×7 learner assistance and support
- Aligned to the latest exam version
Batch starting from
- • 30 Jun 2026, Weekday Class
- • 21 Jul 2026, Weekend Class
View all schedules
25% Off
$1,499$1,999
Enroll Now
Classroom Batch
In-Person Cohort
Full-day immersive training at our hubs.
- Eight hours daily, in-person delivery
- Available in Dubai, Delhi, Mumbai, London, Singapore
- Printed manuals + exam vouchers included
- Lunch, refreshments, hotel pickup at partner hubs
- Exam can be booked onsite at partner test centres
Batch starting from
- • 30 Jun 2026, Classroom Batch (Dubai)
- • 21 Jul 2026, Classroom Batch (Delhi)
View all schedules
17% Off
$2,499$2,999
Enroll Now
Corporate Training
Private Team Cohort
Upskill or reskill your team — on-site, online, or hybrid.
- Blended delivery — self-paced + live + on-site
- Custom curriculum tailored to your tech stack
- Enterprise-grade LMS integration (SCORM / xAPI)
- Dashboards for L&D leaders + per-team reporting
- NDA-friendly, procurement-ready
Pricing
Custom Quote
Volume discounts at any seat count.
Contact Us

Curriculum

Course Curriculum

Eligibility, prerequisites, and a module-by-module breakdown of what you'll cover.

Eligibility

Designed for working professionals with foundational experience in the discipline. A post-secondary degree in computer science, IT, business, or related fields may substitute for up to one year of experience. Part-time work, internships, or relevant certifications can also count toward the requirement.

Pre-requisites

To get CRISC certification you need to get some years of working experience.

The four CRISC domains are as follows:

IT Risk Identification
IT Risk Assessment
Risk Response and Mitigation
Risk and Control Monitoring and Reporting

Course modules

Click any module to expand the key topics covered.

Module 01 — Security and Risk Management

Foundations of confidentiality, integrity, and availability, plus risk frameworks that anchor every other domain.

Key topics

CIA triad + security governance principles
Compliance, legal & regulatory issues
Professional ethics and codes of conduct
Risk management concepts + threat modelling
Security policies, standards, procedures, and guidelines

Module 02 — Asset Security

Classifying information assets and applying the right controls across the data lifecycle.

Key topics

Information & asset classification
Data owners, processors, and custodians
Data lifecycle: collection, storage, disposal
Asset retention requirements and data minimisation
Data security controls + standards selection

Module 03 — Security Architecture and Engineering

Designing secure systems — from cryptographic primitives to secure architecture patterns.

Key topics

Engineering processes using secure design principles
Security models (Bell–LaPadula, Biba, Clark–Wilson)
Cryptography: symmetric, asymmetric, hashing, PKI
Vulnerabilities in web, mobile, cloud, IoT, ICS
Physical security and site design

Module 04 — Communication and Network Security

Network protocols, secure communications, and the topology decisions that determine your perimeter.

Key topics

OSI / TCP-IP models and secure network components
Secure communication channels (VPN, TLS, SD-WAN)
Network attacks + mitigations
Wireless, cellular, and satellite security
Firewalls, IDS/IPS, NAC, and zero-trust networking

Module 05 — Identity and Access Management (IAM)

Who can do what, when, and how — the access control core every breach investigation comes back to.

Key topics

Identification, authentication, authorisation, accountability
Identity-as-a-service and federated identity (SAML / OIDC)
Access control models (DAC / MAC / RBAC / ABAC)
Privileged access management (PAM)
Identity lifecycle and provisioning

Module 06 — Security Assessment and Testing

Designing, performing, and analysing the assessments that prove your controls actually work.

Key topics

Assessment, test, and audit strategies
Vulnerability assessments + penetration testing
Log management and SIEM correlation
Code review and security control validation
Security metrics + management reporting

Module 07 — Security Operations

Day-to-day operational security — detection, response, recovery, and the disciplined rituals around them.

Key topics

Investigations and incident response lifecycle
Logging, monitoring, and threat intelligence
Vulnerability and patch management
Disaster recovery + business continuity planning
Physical security, personnel safety, and fire safety

Module 08 — Software Development Security

Embedding security across the SDLC — from requirements to release and into post-deployment monitoring.

Key topics

Security in the SDLC (Waterfall, Agile, DevSecOps)
Secure coding standards + common vulnerabilities (OWASP Top 10)
Application security testing (SAST, DAST, IAST, SCA)
Software supply chain security
Maturity models (BSIMM, SAMM) and assurance

Exam & Certification

How the official exam works

After course completion, your training advisor helps you schedule the official certification exam — booking the test centre, sending practice mock exams, and supplying the exam voucher at partner pricing where applicable. Pass on first attempt and you'll receive both the official vendor certificate and your SkillCertified completion certificate.

Exam duration
3–6 hours
Questions
100–150
Passing score
70%+
Validity
3 years

Sample SkillCertified Certificate of Course Completion

Sample SkillCertified certificate of completion

Get in touch

Still have questions about
Certified in Risk and Information Systems Control (CRISC)?

Tell us a bit about yourself — an advisor will reach out within one business hour with answers, schedules, and any group-pricing options.

1-hour response promise
Real humans, not chatbots
No-obligation consultation

Request More Information

Frequently asked questions

What will be the experience of my instructor?

You will be supervised under guidance of instructor with expertise in information system with years of industry experience.

What does the course include?

The course includes 3-4 days of training by our instructors, courseware book and a certificate of achievement.

Does the course include the exam?

The CRISC exam must be booked separately through ISACA.

Related Programs

Certified in Risk and Information Systems Control (CRISC)

Certified in Risk and Information Systems Control (CRISC) Course Overview