The course objectives are:

  • To understand the risks faced by the enterprise to their Information Technology (IT) Assets [ includes Data, Applications, Systems & Networks]
  • To understand the risk management activities (Identify, analyse, evaluate, treat and manage Risks to Information Assets Risk) and how it helps to manage the overall Enterprise Risk Management Risks
  • To understand the activities required to design, implement, maintain and monitor the controls which help to manage the risks in a cost-effective manner
  • Understand that risk management must take into consideration the importance of aligning with the enterprise business objective and complying with legislation & regulations and policies

The course is prepared and delivered by referencing the ISACA CRISC (Certified in Risk and Information Systems Control) Review Manual 6th edition. The intention is that the learner has the overview and foundation to prepare for the ISACA CRISC Exam in addition to gaining the knowledge on IT Risk.  (Below extracted from the ISACA CRISC Manual table of contents)


Domain 1 IT Risk Identification

  • Risk Capacity, Risk Appetite and Risk tolerance
  • Risk Culture, Communication,
  • Information Security Risk Concepts and Principals
  • IT Risk Strategy of the Business
  • IT Concepts and areas of concern for the Risk Practitioner
  • Methods of risk identification
  • IT Risk Scenarios
  • Awareness, ownership and accountability
  • IT Register


Domain 2 IT Risk Assessment

  • Risk Analysis Methodologies
  • Risk Assessment techniques
  • Analysis Risk Scenarios
  • Risk environment and current state of controls
  • Risk and control analysis
  • Risk evaluation and prioritisation
  • Project and Program management


Domain 3 Risk Response and Mitigation

  • Align risk response action plan with Business Objectives
  • Business Review tools and techniques
  • Control design, implementation, monitoring, effectiveness and vulnerability check
  • Control activities, objectives, practices and Metrics
  • Impact of emerging technologies on Control design and implementation


Domain 4 Risk and Control Monitoring and Reporting

  • Key Risk and Performance Indicators
  • Data collection and extraction tools and techniques
  • Control Assessment types, results, and Monitoring and Control
  • Change to the Risk profile

This course is developed specifically for those experienced in the management of IT Risk, and the design, implementation, monitoring and maintenance of IS controls.


Minimum of 3 years of cumulative work experience performing the tasks of a CRISC professional across at least 2 of the 4 CRISC domains.

Experience substitution not available.



27 – 29



18 – 20


24 – 26


23 – 25


25 – 27

Duration: 3 Days

Course Fee


Course Fee w/o GST $1,650.00
Course Fee w. GST (9% effective 1st Jan 2024) $1,798.50
SME (Company Sponsored) – All Singaporean and Permanent Resident Employee $1,798.50
Singapore Citizens aged 40 years old and above $1,798.50
Singapore Citizens below 40 years old and Permanent Residents $1,798.50

Exam Fee

  • Exam Voucher is non-inclusive and optional. Please contact us for more info.

Certification Body

Skillsfuture Credit

All WSG-SSG Funded course are eligible for Skillsfuture Credit. Singaporean Aged 25 and above are eligible to use their Skillsfuture credit for course enrolment.

Post-Secondary Education Account (PSEA)

All Singaporean below 31 years old and entitled to utilise their PSEA account for this following course.
Participant may also opt to utilise his/her sibling PSEA account balance (if there are insufficient balance in your account).

Book Now

    Leave a Comment

    Your email address will not be published.