Course Outline

Domain 1: Governance

  • 1.1 Governance Frameworks and Principles
    • Understand various governance frameworks (e.g., COSO, COBIT).
    • Principles of effective governance.
  • 1.2 Organizational Structure and Culture
    • Roles and responsibilities within the organization.
    • Cultural factors influencing risk management.
  • 1.3 Legal and Regulatory Compliance
    • Compliance requirements relevant to IT risk management.
    • Legal implications of non-compliance.
  • 1.4 Risk Management Framework
    • Components of a risk management framework.
    • Integration of risk management into organizational processes.
  • 1.5 Ethics and Codes of Conduct
    • Ethical considerations in risk management.
    • Importance of adherence to codes of conduct.

Domain 2: IT Risk Assessment

  • 2.1 Risk Identification Techniques
    • Methods for identifying IT risks.
    • Risk identification tools and methodologies.
  • 2.2 Risk Analysis and Evaluation
    • Quantitative and qualitative risk analysis techniques.
    • Evaluation of risk scenarios and their impact.
  • 2.3 IT Asset Valuation
    • Methods for valuing IT assets.
    • Importance of asset valuation in risk assessment.
  • 2.4 Threat and Vulnerability Identification
    • Identification of IT threats and vulnerabilities.
    • Techniques for assessing the likelihood and impact of threats.

Domain 3: Risk Response and Reporting

  • 3.1 Risk Response Options
    • Strategies for responding to identified risks.
    • Risk treatment options (avoidance, mitigation, transfer, acceptance).
  • 3.2 Control Selection and Implementation
    • Selection of appropriate controls based on risk assessment.
    • Implementation of controls to mitigate risks effectively.
  • 3.3 Risk Monitoring and Communication
    • Methods for monitoring and measuring risk over time.
    • Effective communication of risk information to stakeholders.
  • 3.4 Incident Response and Management
    • Incident response planning and execution.
    • Post-incident analysis and lessons learned.

Domain 4: Information Technology and Security

  • 4.1 IT Concepts and Architecture
    • Fundamental concepts of IT architecture.
    • Components of IT systems and their interrelationships.
  • 4.2 Information Security Fundamentals
    • Principles of information security management.
    • Common security controls and their implementation.
  • 4.3 Emerging Technology Trends
    • Current trends in technology (e.g., cloud computing, IoT).
    • Implications of emerging technologies on risk management.
  • 4.4 Security Policies, Standards, and Procedures
    • Development and implementation of security policies.
    • Adherence to industry standards and best practices.


21 Hours


Related Courses

CRISC - Certified in Risk and Information Systems Control - 4 Days

28 Hours

CISA - Certified Information Systems Auditor

28 Hours

Business Continuity Management

35 Hours

Building up information security according to ISO 27005

21 Hours

HiTrust Common Security Framework Compliance

14 Hours

Open Data Risk Analysis and Management

21 Hours

