Learn about IT risk identification, one of the four IT risk management domains, and begin preparing for the CRISC certification exam.
Overview
Syllabus
Introduction
- Governance
- What you need to know
- Define IT risk
- Collect relevant information
- Measure IT risk
- Understand threats
- Understand vulnerabilities
- Protect people
- Protect processes
- Protect technology
- Prioritize IT risk
- Establish an IT risk register
- Understand the enterprise risk profile
- Three lines of defense
- Identify key stakeholders
- Determine risk appetite and tolerance
- Align with business objectives
- Align with external requirements
- Develop control documentation
- Enable informed decisions
- Collaborate with stakeholders
- Develop a risk-awareness program
- Train your stakeholders
- Promote a risk-aware culture
- Next steps
Taught by
Jerod Brennen