This instructor-led online training course provides students with a proactive approach based on Agile methodology. You’ll learn how to enhance your company’s business resilience, deliver stakeholder value, and optimize Risk Management across the enterprise.
Overview
COURSE DIFFICULTY
COURSE DURATION
15h
SKILLS LEARNED
After completing this online training course, students will be able to:
- Better understand corporate IT governance
- Perform IT risk assessment
- Perform risk response and reporting
- Develop a risk-aware culture and implement security awareness training
WHO SHOULD ATTEND
- IT Managers
- CTO
PREREQUISITES
It’s recommended that students have 3 years of experience performing tasks across at least two of the four CRISC domains.
COURSE OUTLINE
01. Organizational Governance
- Organizational Strategy, Goals, and Objectives
- Organizational Structure, Roles, and Responsibilities
- Organizational Culture
- Policies and Standards
- Business Processes
- Organizational Assets
02. Risk Governance
- Enterprise Risk Management and Risk Management Framework
- Three Lines of Defense
- Risk Profile
- Risk Appetite and Risk Tolerance
- Legal, Regulatory and Contractual Requirements
- Professional Ethics of Risk Management
03. IT Risk Identification
- Risk Events
- Contributing Conditions
- Loss Result
- Threat Modelling and Threat Landscape
- Vulnerability and Control Deficiency Analysis (Root Cause Analysis)
- Risk Scenario Development
04. IT Risk Analysis and Evaluation
- Risk Assessment Concepts, Standards, and Frameworks
- Risk Register
- Risk Analysis Methodologies
- Business Impact Analysis
- Inherent and Residual Risk
05. Risk Response
- Risk Treatment / Risk Response Options
- Risk and Control Ownership
- Third-Party Risk Management
- Issue, Finding, and Exception Management
- Management of Emerging Risk
06. Control Design and Implementation
- Control Types, Standards, and Frameworks
- Control Design, Selection, and Analysis
- Control Implementation
- Control Testing and Effectiveness Evaluation
07. Risk Monitoring and Reporting
- Risk Treatment Plans
- Data Collection, Aggregation, Analysis, and Validation
- Risk and Control Monitoring Techniques
- Risk and Control Reporting Techniques
- Heatmap
- Scorecards
- Dashboards
- Key Performance Indicators (KPIs)
- Key Risk Indicators (KRIs)
- Key Control Indicators (KCIs)
08. Information Technology Principles
- Enterprise Architecture
- IT Operations Management
- Change Management
- IT Assets
- Problems
- Incidents
09. Information Security Principles
- Information Security Concepts, Frameworks, and Standards
- Information Security Awareness Training
- Business Continuity Management
- Data Privacy and Data Protection Principles