CRISC® is a registered trademark of ISACA
CRISC® Training
Course Name: CRISC® Training
Version: INVL_CRISC_CW_01_1.0
Course ID: ITSG - 156
About Invensis Learning
Invensis Learning is a leading certification training provider for individuals and enterprises globally. Our expertise in
providing globally-recognized IT & Technical certification courses has enabled us to be one of the trusted certification
training partners for many Fortune 500 organizations and Government institutions worldwide. Invensis Learning has
trained and certified thousands of professionals across a wide range of categories such as IT Service Management,
Project Management, Quality Management, IT Security and Governance, Cloud Computing, DevOps, Agile Project
Management, and Digital Courses. Invensis Learning’s certification training programs adhere to global standards such as
PMI, TUV SUD, AXELOS, ISACA, DevOps Institute, EXIN, and PEOPLECERT.
What We Offer
We offer globally-recognized training and certifications in categories such as Project Management, ITSM, Agile, Quality
Management, Technology Training, Program Management and IT Security & Governance.
ITSM: ITIL Foundation, ITIL SD, ITIL SS, ITIL ST, ITIL SO, ITIL CSI, ITIL RCV, ITIL OSA, ITIL SOA, ITIL PPO, ITIL MALC, ISO 20000
Project Management: PMP, CAPM, PRINCE2, PgMP, PMI-RMP, P3O, MSP, Microsoft Project, Microsoft Project Server, IT Project Management, Project Management Overview, Project Initiation, Earned Value Management, Project Risk Management, Project Sponsorship, Team Development, Project Rescue, Project Scope Management, Project Time Management, Project Communications and Management, Project Cost Management, Project Procurement Management, Project Leadership, Project Change Management, Implementing a Project Management, Managing Conflict in the Workplace, Negotiating in a Project Environment, Presentation Skills for Project Personnel, Project Estimating Techniques, Managing Multiple Projects
Quality Management: Six Sigma Yellow Belt Training, Six Sigma Green Belt Training, Six Sigma Black Belt Training, Lean Six Sigma Green Belt Training, Lean Six Sigma Black Belt Training, Introduction to Lean Training, Lean Fundamentals Program, Lean Management Training, Lean Manufacturing Training, Lean Processes and Tools, Lean Six Sigma in Information, Lean Six Sigma in Healthcare, DFSS Yellow Belt Training, DFSS Green Belt Training, DFSS Black Belt Training, MINITAB Training
Technology Training: Cloud Computing, Big Data, Hadoop, .Net Technologies, Data Warehousing, CISSP, VC++, MCF, Advanced WCF, Advanced JAVA, Advanced J2EE
Agile & Scrum: PMI-ACP, Scrum Training, DevOps Foundation
IT Security & Governance: COBIT5 Foundation, COBIT5 Implementation, COBIT5 Assessor, ISO/IEC 27001 Foundation, CRISC, CGEIT
Table of Contents
Chapter 1: Risk Management – Introduction
Chapter 2: Risk Identification
Chapter 3: Risk Assessment
Chapter 4: Risk Response and Mitigation
Chapter 5: Risk and Control Monitoring and Reporting

Chapter 1: Risk Management – Introduction
What is Risk?
“An unforeseen event that may cause negative impact (or positive sometimes) on the outcome of a project or
daily operations that eventually affects the ability to meet business objectives”
Types of Risks
• Enterprise (Business) Risk, e.g. Strategy, Compliance, Market Risk etc.
• IT Risk, e.g. Operations, Information Security, Project/Program risks etc.
Note: IT Risk is a subset of Enterprise Risk
The occurrence of a Risk almost invariably affects IT value delivery to the business.
Risk Governance ensures Risk Management practices are followed consistently across the enterprise to
maximize the value delivered to the business.
Note: From here on in this manual, the term Risk refers to IT Risk unless specifically stated otherwise
IT Risk Management Life Cycle
The life cycle is a continuous loop of four phases:
1. IT Risk Identification
2. IT Risk Assessment
3. IT Risk Response and Mitigation
4. IT Risk and Control Monitoring and Reporting
What is Control?
A Control is a systemic (technical), procedural (process), administrative (policy) or physical measure that is
used either to eliminate a risk or to reduce the impact of a risk event if it occurs.
Examples: Anti-virus (AV) Software, Cyber Risk Insurance
Risk and Control Monitoring
• Monitoring the Controls in use is essential to ensure the risk is effectively controlled
• Similarly, monitoring identified risks and watching for new risks is equally essential
Examples: Monitoring Anti-Virus Signature Updates on all systems, Viruses detected & reported by AV,
Network traffic Monitoring to detect anomalies
Risk Response Types
• Eliminate/Avoid
  • Risks that threaten the survival of an organization must be eliminated
  • Example: Business model that uses Robotics extensively for operations, wherein the local government passes legislation to protect the interests of industrial labour (thereby challenging the business model)
• Mitigate/Reduce
  • Risks that threaten the realization of benefits to business
  • Example: IT disruption (e.g. data centre outage) causing business downtime
• Transfer
  • Risks that can be transferred to a third party
  • Example: Cyber Risk Insurance
• Accept
  • Risks that are least probable to occur and where the cost of mitigation far outweighs the benefits
  • Example: Data Centre (DC) location prone to hurricanes. Relocation or building a secondary DC would be more expensive. Relocating data backups to an offsite location is a good risk mitigation strategy, but beyond that you accept the risk (of downtime).
10
Enterprise Risk Management (ERM)
Business Risk
Management
IT Risk
Management
Unit 1
Unit 2
Unit 3
………………………
……….
Risk Register
Board of Directors
Risk Assessment
Risk Identification
Risk Response and
Mitigation
Risk Monitoring
Risk Reporting
Chapter 1: Risk Management - Introduction
Risk Governance
11
Risk Management Frameworks & Methodologies
• ISO/IEC 27005:2018 (Information Security Risk Management)
• NIST SP 800-30
• Factor Analysis of Information Risk (FAIR)
• Risk IT Framework from ISACA
• ISO 31000:2018
• COBIT® for Risk
• COSO
Knowledge Test
• Cite a few examples for Risks related to Information Technology.
• When is it advisable to accept a Risk?
• Risk Management process is linear. True/False?
• Give an example for a Control that helps in avoiding Risk.
• Risk Register has only IT related Risks. True/False?
• Who reports to the board about the Risk Management Status?

Chapter 2: Risk Identification
Note: Participants are requested to review the documentation for commonly used Risk Management frameworks (listed at the end
of chapter 1) to familiarize themselves with them. The CRISC exam doesn’t test knowledge about a particular standard or framework, though.
Assets, Threats and Vulnerabilities
• Asset – Any tangible or intangible entity that should be protected to ensure delivery of value to business
  Example: People, Reputation, Information, Process, Technology Infrastructure etc.
• Threat – Anything that can erode the value of an Asset – refers to a potential adverse event
  Example: Unencrypted data can be eavesdropped on a network
• Threat Agent – Anything that gives rise to a threat – something that can make the threat real
  Example: Third-party user gaining access to corporate wireless network by virtue of weak authentication
• Vulnerability – Systemic or procedural weakness in a process or a system that the threat agent can exploit
Risk can also be defined as “the likelihood of a threat agent making the threat real by exploiting the vulnerability found on the Asset”.
Risk Identification Techniques
• Risk Identification is the organized set of processes to
  • Identify Assets
  • Assess their Value to the organization (quantitative or qualitative)
  • Identify Vulnerabilities, Threats and potential Threat Agents
  • Identify Stakeholders for Risk Identification and Ownership
  • Develop Risk Scenarios based on information collected
  • Develop the Risk Register
  • Communicate Risk to Senior Management
  • Develop the Risk Awareness program
Risk Culture
• The organization's culture towards Risk and its business strategy should be studied and understood properly for effective Risk Management
• Some organizations are strongly Risk-Taking (for example, an eCommerce company migrating to a new cutting-edge technology platform as soon as it is made available in the market) and some are Risk-Averse (a company continues to use a legacy system for its operations)
• What may seem to be a Risk for one organization (Risk-Averse) may be seen as an opportunity by another organization (Risk-Taking)
• The Risk Practitioner should consider the organization's culture towards risk and its business strategy as inputs to the Risk Identification process
Laws, Regulations, Standards and Compliance
• The Risk Practitioner should have a clear understanding of all the laws, regulations and standards applicable in general and specific to the industry the organization belongs to
  • Example: PCI DSS Standard for companies that deal in online payments, GDPR for any organization that processes private user data of European Union (EU) citizens
• Non-compliance with applicable laws, regulations or standards may cause loss of reputation and/or monetary losses, may attract penalties etc.
• Information System Audit is an effective method to check compliance status
• Audit Reports serve as valuable inputs to the Risk Identification process
Organizational Structure
• Large organizations typically have a dedicated Chief Risk Officer (CRO) who is in charge of Enterprise Risk Management (ERM)
• Each Business Unit can have a team or an individual that handles Risk Management for that unit
• The structure of the Risk Management team can be based on the overall size of the organization
• The CIO oversees Risk Management within the IT department
• Some organizations have a GRC sub-team within IT to handle IT Risk Management
• The Risk Practitioner should have a clear understanding of the Risk Management Team organization and the reporting structure
• A RACI Matrix can help in establishing accountability clearly
Risk Appetite and Risk Tolerance
• Risk Appetite and Tolerance are defined at the organizational level by the senior management
• Risk Appetite refers to the level of Risk that is desirable and is set by the board or senior management
  • Risk Appetite is a broader-level definition of how much risk can be taken without affecting the business
  • Example: The board may decide that the organization can sustain a loss of revenue of 5% from one category of products
• Tolerance is the tolerable deviation from the limits set by Risk Appetite
  • Tolerance is a narrower definition of the range of deviation from the limit set by Risk Appetite
  • Example: The board may decide that the organization can sustain a loss of revenue of 5% from one category of products with a tolerance level of +/- 2%, i.e. the loss of revenue can be 3% to 7% (max).
• Both Risk Appetite and Tolerance change over time based on several factors and so need to be reviewed from time to time.
Residual Risk
• When Risk is mitigated by using an appropriate Control, either the likelihood or the impact of the Risk is reduced sufficiently (in line with the Risk Appetite and Tolerance)
• But the Risk is still not completely eliminated – some part of the Risk still exists
• The remaining part of the Risk (likelihood and impact) is called the Residual Risk
• Periodic and regular monitoring is required to ensure the Residual Risk doesn’t cross the levels set by the Risk Appetite
• Identifying Residual Risks (post Risk Response and Mitigation) is an essential part of Risk Management (remember, the Risk Management process is cyclic)
• Residual Risks should be treated like primary Risks if they are likely to exceed the limits acceptable to the organization
Risk Identification Techniques
• Evidence Based
  • Historical Records
  • System logs, Access logs
  • Audit Reports
  • Vulnerability Analysis Reports
  • CERT Advisories from Vendors and other organizations
  • Process documentation Review
  • Third-party Contracts
• Expert Review
  • SME Review of processes, practices followed etc.
  • Peer Review or Interviewing
  • Review the processes of each business unit with the respective department staff
Areas for IT Risk Identification
• IT Infrastructure – hardware/software/Data Centres – Review documentation and inspect existing controls, if any
• SDLC (for organizations using in-house software development)
• Project/Program Management (Risks related to projects/programs)
• Supplier Contracts
• Business Continuity Planning (BCP) and Disaster Recovery (DR) Management
• IT Operations (ITIL V3 process audit reports)
• New Technologies (e.g. Cloud, AI, Blockchain etc.) relevant to the organization and the Risks involved in adopting them
• Data or Information Assets
IT Risk Analysis
• Risk Analysis can be Qualitative or Quantitative
  • Qualitative – ranks each risk as high, medium or low – subjective – easier to perform
  • Quantitative – gives a numerical score to each risk – objective – very difficult
• A thorough analysis will be done during the Assessment phase – a high-level analysis is required here to capture all relevant data, for the initial classification of risks and for developing the Risk Register
• Use the following techniques for identifying risks and evaluating the existing controls
  • Root Cause Analysis
  • FMEA (Failure Mode Effect Analysis)
  • Gap Analysis
  • Cost-Benefit Analysis (RoI)
Information Security Risk
• CIA Triad – Confidentiality, Integrity and Availability
• Identify Risks related to the above (e.g. absence of an HA cluster, storing data without encryption etc.)
• Consider the following controls for mitigating such risks
  • Authentication, Authorization, Auditing (AAA)
  • Identity Management
• Consider the following controls for mitigating risks related to people
  • SoD – Segregation of Duties
  • Job Rotation
  • Dual Control
Risk Scenarios
• Use all the captured information with respect to Risks, i.e. Threats, Agents, Vulnerabilities, Risks, Classification, Impact Assessment, existing controls etc., and prepare detailed scenarios
• Qualify the Risks identified, review them and tabulate them into a Risk Register document
• Classify the Risks (initially) based on impact and likelihood
• Use Qualitative and Quantitative methods as appropriate
• Keep all supporting documentation (evidence collected) for further review
• Consider Business objectives, Risk Appetite and Tolerance
• Identify Residual Risks (where Controls exist)
Risk Register
Refer to a standard Risk Register template and try to understand its content and structure.
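To make the register, residual-risk and appetite/tolerance ideas of this chapter concrete, here is a small Python model added for this preview; it is not Invensis or ISACA material. It assumes a three-level qualitative scale for likelihood and impact, a score of likelihood × impact, appetite and tolerance expressed as score thresholds, and a constructed register built from the chapter's knowledge-test scenarios (shared credentials, an unbacked-up flash array, a single power supply).

```python
"""Toy IT risk register: inherent vs residual risk checked against appetite and
tolerance. Illustration only; scales, bands and thresholds are assumptions."""
from dataclasses import dataclass, field
from typing import Dict, List, Tuple

# Assumed qualitative scale for likelihood and impact: 1 = Low, 2 = Medium, 3 = High.
# Score = likelihood x impact, so it ranges from 1 to 9.
LOW, MEDIUM, HIGH = 1, 2, 3

@dataclass
class Control:
    """A control lowers likelihood and/or impact by a number of levels."""
    name: str
    likelihood_reduction: int = 0
    impact_reduction: int = 0

@dataclass
class RiskEntry:
    """One row of the register: asset, threat, vulnerability, owner, ratings, controls."""
    risk_id: str
    asset: str
    threat: str
    vulnerability: str
    owner: str
    likelihood: int  # inherent likelihood, 1..3
    impact: int      # inherent impact, 1..3
    controls: List[Control] = field(default_factory=list)

    def inherent_score(self) -> int:
        return self.likelihood * self.impact

    def residual_levels(self) -> Tuple[int, int]:
        # A control lowers a level but never below Low: some risk always remains,
        # which is why residual risk has to be recorded and monitored.
        lik = self.likelihood - sum(c.likelihood_reduction for c in self.controls)
        imp = self.impact - sum(c.impact_reduction for c in self.controls)
        return max(LOW, lik), max(LOW, imp)

    def residual_score(self) -> int:
        lik, imp = self.residual_levels()
        return lik * imp

def classify(score: int) -> str:
    """Qualitative rating of a 1..9 score (assumed bands: 1-2 Low, 3-4 Medium, 6-9 High)."""
    if score >= 6:
        return "High"
    return "Medium" if score >= 3 else "Low"

@dataclass
class RiskAppetite:
    """max_residual_score: residual score the board is willing to carry (appetite).
    tolerance: how far above it a score may drift before the risk is treated as primary again."""
    max_residual_score: int
    tolerance: int

    def status(self, score: int) -> str:
        if score <= self.max_residual_score:
            return "within appetite"    # candidate for Accept
        if score <= self.max_residual_score + self.tolerance:
            return "within tolerance"   # keep monitoring
        return "exceeds tolerance"      # needs a risk response

def evaluate_register(register: List[RiskEntry],
                      appetite: RiskAppetite) -> Dict[str, Tuple[int, str, str]]:
    """Map risk_id -> (residual score, qualitative rating, appetite status)."""
    return {r.risk_id: (r.residual_score(), classify(r.residual_score()),
                        appetite.status(r.residual_score())) for r in register}

def risks_needing_response(register: List[RiskEntry], appetite: RiskAppetite) -> List[str]:
    """Residual risks outside tolerance; the course says to treat these like primary risks."""
    return [rid for rid, (_, _, st) in evaluate_register(register, appetite).items()
            if st == "exceeds tolerance"]

def revenue_loss_status(loss_pct: float, appetite_pct: float = 5.0,
                        tolerance_pct: float = 2.0) -> str:
    """The course's revenue example: appetite 5% with +/- 2% tolerance, so up to 7% is tolerable."""
    if loss_pct <= appetite_pct:
        return "within appetite"
    return "within tolerance" if loss_pct <= appetite_pct + tolerance_pct else "exceeds tolerance"

# Constructed register based on the chapter's knowledge-test scenarios.
SAMPLE_REGISTER = [
    RiskEntry("R1", "Core business application", "Action that cannot be attributed to a person",
              "Several users share one login", "Application owner", HIGH, MEDIUM,
              [Control("Individual accounts with MFA", likelihood_reduction=2)]),
    RiskEntry("R2", "Customer database on all-flash array", "Data loss (corruption, malware, admin error)",
              "No backups are taken", "DBA manager", MEDIUM, HIGH),
    RiskEntry("R3", "Critical database server", "Power supply failure causing an outage",
              "Single power supply unit", "Data centre manager", MEDIUM, HIGH,
              [Control("Offsite backups shorten recovery", impact_reduction=1)]),
]
APPETITE = RiskAppetite(max_residual_score=2, tolerance=2)

if __name__ == "__main__":
    for rid, (score, rating, status) in evaluate_register(SAMPLE_REGISTER, APPETITE).items():
        print(f"{rid}: residual {score} ({rating}) - {status}")
    print("needs response:", risks_needing_response(SAMPLE_REGISTER, APPETITE))
```

Note that R3 keeps a Medium residual score even with backups in place, which is the course's point that a control reduces but does not remove a risk, and that what remains must be compared against appetite and tolerance rather than forgotten.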
Risk Communication and Awareness Program
• The organization should use the Risk Register to take Risk-Aware business decisions
• The Risk Register serves as a single point of reference for all Risks affecting the business and their current status
• The Risk Practitioner should communicate Risks and their current Status to all stakeholders
• Information Security Awareness programs should be conducted to raise knowledge about Risks and various attacks targeting End Users
• Information Security Policy, Process and Standards should be clearly communicated to all Employees
Knowledge Test
1. Can a Risk within Risk Appetite limits be deemed as accepted?
2. Identify Risks in the following scenarios
   a. Multiple users are sharing the same credentials to log in to a system
   b. Data stored on an All Flash Array storage is not being backed up, as Flash is less susceptible to data corruption/loss than magnetic disks
   c. A critical database server is running with a single power supply unit
3. Risk Appetite is constant and doesn’t change over time. True or False?
4. Who approves the definition of Risk Appetite and Tolerance limits?
5. Name a few Assets that need to be protected
6. Can a Database Administrator be allowed to create system accounts? If not, why?
7. What are the possible risks in a Cloud Migration project?
CONTACT INVENSIS LEARNING
www.invensislearning.com
Email Us: support@invensislearning.com
USA +1-910-726-3695 | IND +91-96-2020-0784
UK +44 2033-223-280 | Germany +49 2119-5987-989
Switzerland +41-22-518-2042 | Hong Kong +852-5803-9039
© Copyright 2019 Invensis Learning Pvt Ltd. All Rights Reserved.

Steps to Get an Internship in Project Management.pptxSteps to Get an Internship in Project Management.pptx
Steps to Get an Internship in Project Management.pptxInvensis Learning
 
Significance of milestomnes in PM.pptx
Significance of milestomnes in PM.pptxSignificance of milestomnes in PM.pptx
Significance of milestomnes in PM.pptxInvensis Learning
 
9 Game-Changing Open-Source Project Tools Unveiled!
9 Game-Changing Open-Source Project Tools Unveiled!9 Game-Changing Open-Source Project Tools Unveiled!
9 Game-Changing Open-Source Project Tools Unveiled!Invensis Learning
 
Creating RFP in Project Management
Creating RFP in Project ManagementCreating RFP in Project Management
Creating RFP in Project ManagementInvensis Learning
 
Best Practices for Effective Dependency Management in Project Management
Best Practices for Effective Dependency Management in Project ManagementBest Practices for Effective Dependency Management in Project Management
Best Practices for Effective Dependency Management in Project ManagementInvensis Learning
 
project management timeline.pptx
project management timeline.pptxproject management timeline.pptx
project management timeline.pptxInvensis Learning
 
Top 5 Project Management Techniques.pptx
Top 5 Project Management Techniques.pptxTop 5 Project Management Techniques.pptx
Top 5 Project Management Techniques.pptxInvensis Learning
 
5 Key Insights on Project Management Consulting
5 Key Insights on Project Management Consulting5 Key Insights on Project Management Consulting
5 Key Insights on Project Management ConsultingInvensis Learning
 
How Do You Become a Technical Project Manager | Invensis Learning
How Do You Become a Technical Project Manager | Invensis LearningHow Do You Become a Technical Project Manager | Invensis Learning
How Do You Become a Technical Project Manager | Invensis LearningInvensis Learning
 
5 Phases of Construction Project Management | Invensis Learning
5 Phases of Construction Project Management | Invensis Learning5 Phases of Construction Project Management | Invensis Learning
5 Phases of Construction Project Management | Invensis LearningInvensis Learning
 
Business Analyst Interview Questions SlideShare
Business Analyst Interview Questions SlideShareBusiness Analyst Interview Questions SlideShare
Business Analyst Interview Questions SlideShareInvensis Learning
 
Minitab Tutorial for Beginners | What is Minitab? | Minitab Training for Stat...
Minitab Tutorial for Beginners | What is Minitab? | Minitab Training for Stat...Minitab Tutorial for Beginners | What is Minitab? | Minitab Training for Stat...
Minitab Tutorial for Beginners | What is Minitab? | Minitab Training for Stat...Invensis Learning
 
Six Sigma Tutorial for Beginners | Six Sigma Explained | Invensis Learning
Six Sigma Tutorial for Beginners | Six Sigma Explained  | Invensis LearningSix Sigma Tutorial for Beginners | Six Sigma Explained  | Invensis Learning
Six Sigma Tutorial for Beginners | Six Sigma Explained | Invensis LearningInvensis Learning
 
Business Analyst Roles & Responsibilities
Business Analyst Roles & Responsibilities Business Analyst Roles & Responsibilities
Business Analyst Roles & Responsibilities Invensis Learning
 
What is Lean Six Sigma? Lean Six Sigma Explained - Invensis Learning
What is Lean Six Sigma? Lean Six Sigma Explained - Invensis LearningWhat is Lean Six Sigma? Lean Six Sigma Explained - Invensis Learning
What is Lean Six Sigma? Lean Six Sigma Explained - Invensis LearningInvensis Learning
 
What is Agile Project Management? | Agile Project Management | Invensis Learn...
What is Agile Project Management? | Agile Project Management | Invensis Learn...What is Agile Project Management? | Agile Project Management | Invensis Learn...
What is Agile Project Management? | Agile Project Management | Invensis Learn...Invensis Learning
 

More from Invensis Learning (20)

What is PERT in Project Management? End to End Guide
What is PERT in Project Management? End to End GuideWhat is PERT in Project Management? End to End Guide
What is PERT in Project Management? End to End Guide
 
Key Roles & Responsibilities of a Creative Project Manager.pptx
Key Roles & Responsibilities of a Creative Project Manager.pptxKey Roles & Responsibilities of a Creative Project Manager.pptx
Key Roles & Responsibilities of a Creative Project Manager.pptx
 
Key Elements of Enterprise Project Management.pptx
Key Elements of Enterprise Project Management.pptxKey Elements of Enterprise Project Management.pptx
Key Elements of Enterprise Project Management.pptx
 
Steps to Get an Internship in Project Management.pptx
Steps to Get an Internship in Project Management.pptxSteps to Get an Internship in Project Management.pptx
Steps to Get an Internship in Project Management.pptx
 
Significance of milestomnes in PM.pptx
Significance of milestomnes in PM.pptxSignificance of milestomnes in PM.pptx
Significance of milestomnes in PM.pptx
 
9 Game-Changing Open-Source Project Tools Unveiled!
9 Game-Changing Open-Source Project Tools Unveiled!9 Game-Changing Open-Source Project Tools Unveiled!
9 Game-Changing Open-Source Project Tools Unveiled!
 
Creating RFP in Project Management
Creating RFP in Project ManagementCreating RFP in Project Management
Creating RFP in Project Management
 
Best Practices for Effective Dependency Management in Project Management
Best Practices for Effective Dependency Management in Project ManagementBest Practices for Effective Dependency Management in Project Management
Best Practices for Effective Dependency Management in Project Management
 
project management timeline.pptx
project management timeline.pptxproject management timeline.pptx
project management timeline.pptx
 
Top 5 Project Management Techniques.pptx
Top 5 Project Management Techniques.pptxTop 5 Project Management Techniques.pptx
Top 5 Project Management Techniques.pptx
 
5 Key Insights on Project Management Consulting
5 Key Insights on Project Management Consulting5 Key Insights on Project Management Consulting
5 Key Insights on Project Management Consulting
 
How Do You Become a Technical Project Manager | Invensis Learning
How Do You Become a Technical Project Manager | Invensis LearningHow Do You Become a Technical Project Manager | Invensis Learning
How Do You Become a Technical Project Manager | Invensis Learning
 
5 Phases of Construction Project Management | Invensis Learning
5 Phases of Construction Project Management | Invensis Learning5 Phases of Construction Project Management | Invensis Learning
5 Phases of Construction Project Management | Invensis Learning
 
Business Analyst Interview Questions SlideShare
Business Analyst Interview Questions SlideShareBusiness Analyst Interview Questions SlideShare
Business Analyst Interview Questions SlideShare
 
Minitab Tutorial for Beginners | What is Minitab? | Minitab Training for Stat...
Minitab Tutorial for Beginners | What is Minitab? | Minitab Training for Stat...Minitab Tutorial for Beginners | What is Minitab? | Minitab Training for Stat...
Minitab Tutorial for Beginners | What is Minitab? | Minitab Training for Stat...
 
Six Sigma Tutorial for Beginners | Six Sigma Explained | Invensis Learning
Six Sigma Tutorial for Beginners | Six Sigma Explained  | Invensis LearningSix Sigma Tutorial for Beginners | Six Sigma Explained  | Invensis Learning
Six Sigma Tutorial for Beginners | Six Sigma Explained | Invensis Learning
 
Business Analyst Roles & Responsibilities
Business Analyst Roles & Responsibilities Business Analyst Roles & Responsibilities
Business Analyst Roles & Responsibilities
 
What is Lean Six Sigma? Lean Six Sigma Explained - Invensis Learning
What is Lean Six Sigma? Lean Six Sigma Explained - Invensis LearningWhat is Lean Six Sigma? Lean Six Sigma Explained - Invensis Learning
What is Lean Six Sigma? Lean Six Sigma Explained - Invensis Learning
 
What is Agile Project Management? | Agile Project Management | Invensis Learn...
What is Agile Project Management? | Agile Project Management | Invensis Learn...What is Agile Project Management? | Agile Project Management | Invensis Learn...
What is Agile Project Management? | Agile Project Management | Invensis Learn...
 
What is Scrum? SlideShare
What is Scrum? SlideShareWhat is Scrum? SlideShare
What is Scrum? SlideShare
 

Recently uploaded

Paris 2024 Olympic Geographies - an activity
Paris 2024 Olympic Geographies - an activityParis 2024 Olympic Geographies - an activity
Paris 2024 Olympic Geographies - an activityGeoBlogs
 
ECONOMIC CONTEXT - LONG FORM TV DRAMA - PPT
ECONOMIC CONTEXT - LONG FORM TV DRAMA - PPTECONOMIC CONTEXT - LONG FORM TV DRAMA - PPT
ECONOMIC CONTEXT - LONG FORM TV DRAMA - PPTiammrhaywood
 
Concept of Vouching. B.Com(Hons) /B.Compdf
Concept of Vouching. B.Com(Hons) /B.CompdfConcept of Vouching. B.Com(Hons) /B.Compdf
Concept of Vouching. B.Com(Hons) /B.CompdfUmakantAnnand
 
Contemporary philippine arts from the regions_PPT_Module_12 [Autosaved] (1).pptx
Contemporary philippine arts from the regions_PPT_Module_12 [Autosaved] (1).pptxContemporary philippine arts from the regions_PPT_Module_12 [Autosaved] (1).pptx
Contemporary philippine arts from the regions_PPT_Module_12 [Autosaved] (1).pptxRoyAbrique
 
POINT- BIOCHEMISTRY SEM 2 ENZYMES UNIT 5.pptx
POINT- BIOCHEMISTRY SEM 2 ENZYMES UNIT 5.pptxPOINT- BIOCHEMISTRY SEM 2 ENZYMES UNIT 5.pptx
POINT- BIOCHEMISTRY SEM 2 ENZYMES UNIT 5.pptxSayali Powar
 
18-04-UA_REPORT_MEDIALITERAСY_INDEX-DM_23-1-final-eng.pdf
18-04-UA_REPORT_MEDIALITERAСY_INDEX-DM_23-1-final-eng.pdf18-04-UA_REPORT_MEDIALITERAСY_INDEX-DM_23-1-final-eng.pdf
18-04-UA_REPORT_MEDIALITERAСY_INDEX-DM_23-1-final-eng.pdfssuser54595a
 
SOCIAL AND HISTORICAL CONTEXT - LFTVD.pptx
SOCIAL AND HISTORICAL CONTEXT - LFTVD.pptxSOCIAL AND HISTORICAL CONTEXT - LFTVD.pptx
SOCIAL AND HISTORICAL CONTEXT - LFTVD.pptxiammrhaywood
 
CARE OF CHILD IN INCUBATOR..........pptx
CARE OF CHILD IN INCUBATOR..........pptxCARE OF CHILD IN INCUBATOR..........pptx
CARE OF CHILD IN INCUBATOR..........pptxGaneshChakor2
 
Call Girls in Dwarka Mor Delhi Contact Us 9654467111
Call Girls in Dwarka Mor Delhi Contact Us 9654467111Call Girls in Dwarka Mor Delhi Contact Us 9654467111
Call Girls in Dwarka Mor Delhi Contact Us 9654467111Sapana Sha
 
Incoming and Outgoing Shipments in 1 STEP Using Odoo 17
Incoming and Outgoing Shipments in 1 STEP Using Odoo 17Incoming and Outgoing Shipments in 1 STEP Using Odoo 17
Incoming and Outgoing Shipments in 1 STEP Using Odoo 17Celine George
 
Mastering the Unannounced Regulatory Inspection
Mastering the Unannounced Regulatory InspectionMastering the Unannounced Regulatory Inspection
Mastering the Unannounced Regulatory InspectionSafetyChain Software
 
Employee wellbeing at the workplace.pptx
Employee wellbeing at the workplace.pptxEmployee wellbeing at the workplace.pptx
Employee wellbeing at the workplace.pptxNirmalaLoungPoorunde1
 
Science 7 - LAND and SEA BREEZE and its Characteristics
Science 7 - LAND and SEA BREEZE and its CharacteristicsScience 7 - LAND and SEA BREEZE and its Characteristics
Science 7 - LAND and SEA BREEZE and its CharacteristicsKarinaGenton
 
“Oh GOSH! Reflecting on Hackteria's Collaborative Practices in a Global Do-It...
“Oh GOSH! Reflecting on Hackteria's Collaborative Practices in a Global Do-It...“Oh GOSH! Reflecting on Hackteria's Collaborative Practices in a Global Do-It...
“Oh GOSH! Reflecting on Hackteria's Collaborative Practices in a Global Do-It...Marc Dusseiller Dusjagr
 
Class 11 Legal Studies Ch-1 Concept of State .pdf
Class 11 Legal Studies Ch-1 Concept of State .pdfClass 11 Legal Studies Ch-1 Concept of State .pdf
Class 11 Legal Studies Ch-1 Concept of State .pdfakmcokerachita
 
Introduction to ArtificiaI Intelligence in Higher Education
Introduction to ArtificiaI Intelligence in Higher EducationIntroduction to ArtificiaI Intelligence in Higher Education
Introduction to ArtificiaI Intelligence in Higher Educationpboyjonauth
 
Crayon Activity Handout For the Crayon A
Crayon Activity Handout For the Crayon ACrayon Activity Handout For the Crayon A
Crayon Activity Handout For the Crayon AUnboundStockton
 
A Critique of the Proposed National Education Policy Reform
A Critique of the Proposed National Education Policy ReformA Critique of the Proposed National Education Policy Reform
A Critique of the Proposed National Education Policy ReformChameera Dedduwage
 

Recently uploaded (20)

Paris 2024 Olympic Geographies - an activity
Paris 2024 Olympic Geographies - an activityParis 2024 Olympic Geographies - an activity
Paris 2024 Olympic Geographies - an activity
 
ECONOMIC CONTEXT - LONG FORM TV DRAMA - PPT
ECONOMIC CONTEXT - LONG FORM TV DRAMA - PPTECONOMIC CONTEXT - LONG FORM TV DRAMA - PPT
ECONOMIC CONTEXT - LONG FORM TV DRAMA - PPT
 
Concept of Vouching. B.Com(Hons) /B.Compdf
Concept of Vouching. B.Com(Hons) /B.CompdfConcept of Vouching. B.Com(Hons) /B.Compdf
Concept of Vouching. B.Com(Hons) /B.Compdf
 
Contemporary philippine arts from the regions_PPT_Module_12 [Autosaved] (1).pptx
Contemporary philippine arts from the regions_PPT_Module_12 [Autosaved] (1).pptxContemporary philippine arts from the regions_PPT_Module_12 [Autosaved] (1).pptx
Contemporary philippine arts from the regions_PPT_Module_12 [Autosaved] (1).pptx
 
POINT- BIOCHEMISTRY SEM 2 ENZYMES UNIT 5.pptx
POINT- BIOCHEMISTRY SEM 2 ENZYMES UNIT 5.pptxPOINT- BIOCHEMISTRY SEM 2 ENZYMES UNIT 5.pptx
POINT- BIOCHEMISTRY SEM 2 ENZYMES UNIT 5.pptx
 
18-04-UA_REPORT_MEDIALITERAСY_INDEX-DM_23-1-final-eng.pdf
18-04-UA_REPORT_MEDIALITERAСY_INDEX-DM_23-1-final-eng.pdf18-04-UA_REPORT_MEDIALITERAСY_INDEX-DM_23-1-final-eng.pdf
18-04-UA_REPORT_MEDIALITERAСY_INDEX-DM_23-1-final-eng.pdf
 
SOCIAL AND HISTORICAL CONTEXT - LFTVD.pptx
SOCIAL AND HISTORICAL CONTEXT - LFTVD.pptxSOCIAL AND HISTORICAL CONTEXT - LFTVD.pptx
SOCIAL AND HISTORICAL CONTEXT - LFTVD.pptx
 
CARE OF CHILD IN INCUBATOR..........pptx
CARE OF CHILD IN INCUBATOR..........pptxCARE OF CHILD IN INCUBATOR..........pptx
CARE OF CHILD IN INCUBATOR..........pptx
 
Staff of Color (SOC) Retention Efforts DDSD
Staff of Color (SOC) Retention Efforts DDSDStaff of Color (SOC) Retention Efforts DDSD
Staff of Color (SOC) Retention Efforts DDSD
 
Call Girls in Dwarka Mor Delhi Contact Us 9654467111
Call Girls in Dwarka Mor Delhi Contact Us 9654467111Call Girls in Dwarka Mor Delhi Contact Us 9654467111
Call Girls in Dwarka Mor Delhi Contact Us 9654467111
 
Incoming and Outgoing Shipments in 1 STEP Using Odoo 17
Incoming and Outgoing Shipments in 1 STEP Using Odoo 17Incoming and Outgoing Shipments in 1 STEP Using Odoo 17
Incoming and Outgoing Shipments in 1 STEP Using Odoo 17
 
Mastering the Unannounced Regulatory Inspection
Mastering the Unannounced Regulatory InspectionMastering the Unannounced Regulatory Inspection
Mastering the Unannounced Regulatory Inspection
 
Employee wellbeing at the workplace.pptx
Employee wellbeing at the workplace.pptxEmployee wellbeing at the workplace.pptx
Employee wellbeing at the workplace.pptx
 
Science 7 - LAND and SEA BREEZE and its Characteristics
Science 7 - LAND and SEA BREEZE and its CharacteristicsScience 7 - LAND and SEA BREEZE and its Characteristics
Science 7 - LAND and SEA BREEZE and its Characteristics
 
“Oh GOSH! Reflecting on Hackteria's Collaborative Practices in a Global Do-It...
“Oh GOSH! Reflecting on Hackteria's Collaborative Practices in a Global Do-It...“Oh GOSH! Reflecting on Hackteria's Collaborative Practices in a Global Do-It...
“Oh GOSH! Reflecting on Hackteria's Collaborative Practices in a Global Do-It...
 
Class 11 Legal Studies Ch-1 Concept of State .pdf
Class 11 Legal Studies Ch-1 Concept of State .pdfClass 11 Legal Studies Ch-1 Concept of State .pdf
Class 11 Legal Studies Ch-1 Concept of State .pdf
 
Model Call Girl in Tilak Nagar Delhi reach out to us at 🔝9953056974🔝
Model Call Girl in Tilak Nagar Delhi reach out to us at 🔝9953056974🔝Model Call Girl in Tilak Nagar Delhi reach out to us at 🔝9953056974🔝
Model Call Girl in Tilak Nagar Delhi reach out to us at 🔝9953056974🔝
 
Introduction to ArtificiaI Intelligence in Higher Education
Introduction to ArtificiaI Intelligence in Higher EducationIntroduction to ArtificiaI Intelligence in Higher Education
Introduction to ArtificiaI Intelligence in Higher Education
 
Crayon Activity Handout For the Crayon A
Crayon Activity Handout For the Crayon ACrayon Activity Handout For the Crayon A
Crayon Activity Handout For the Crayon A
 
A Critique of the Proposed National Education Policy Reform
A Critique of the Proposed National Education Policy ReformA Critique of the Proposed National Education Policy Reform
A Critique of the Proposed National Education Policy Reform
 

CRISC Course Preview

  • 3. What We Offer
  We offer globally-recognized training and certifications in categories such as Project Management, ITSM, Agile, Quality Management, Technology Training, Program Management and IT Security & Governance.
  ITSM: ITIL Foundation, ITIL SD, ITIL SS, ITIL ST, ITIL SO, ITIL CSI, ITIL RCV, ITIL OSA, ITIL SOA, ITIL PPO, ITIL MALC, ISO 20000
  Project Management: PMP, CAPM, PRINCE2, PgMP, PMI-RMP, P3O, MSP, Microsoft Project, Microsoft Project Server, IT Project Management, Project Management Overview, Project Initiation, Earned Value Management, Project Risk Management, Project Rescue, Project Scope Management, Project Time Management, Project Communications and Management, Project Cost Management, Project Procurement Management, Project Leadership, Change Management, Implementing a Project Management, Managing Conflict in the Workplace, Negotiating in a Project Environment, Presentation Skills for Project Personnel, Project Estimating Techniques, Managing Multiple Projects, Project Sponsorship, Team Development
  Quality Management: Six Sigma Yellow Belt Training, Six Sigma Green Belt Training, Six Sigma Black Belt Training, Lean Six Sigma Green Belt Training, Lean Six Sigma Black Belt Training, Introduction to Lean Training, Lean Fundamentals Program, Lean Management Training, Lean Manufacturing Training, Lean Processes and Tools, Lean Six Sigma in Information, Lean Six Sigma in Healthcare, DFSS Yellow Belt Training, DFSS Green Belt Training, DFSS Black Belt Training, MINITAB Training
  Technology Training: Cloud Computing, Big Data, Hadoop, .Net Technologies, Data Warehousing, VC++, MCF, Advanced WCF, Advanced JAVA, Advanced J2EE
  Agile & Scrum: PMI-ACP, Scrum Training, DevOps Foundation
  IT Security & Governance: COBIT5 Foundation, COBIT5 Implementation, COBIT5 Assessor, ISO/IEC 27001 Foundation, CRISC, CGEIT, CISSP
  • 4. Table of Contents
  Chapter 1: Risk Management – Introduction
  Chapter 2: Risk Identification
  Chapter 3: Risk Assessment
  Chapter 4: Risk Response and Mitigation
  Chapter 5: Risk and Control Monitoring and Reporting
  • 5. Chapter 1: Risk Management - Introduction
  • 6. Chapter 1: Risk Management - Introduction
  What is Risk?
  “An unforeseen event that may cause a negative (or, sometimes, positive) impact on the outcome of a project or on daily operations, and that eventually affects the ability to meet business objectives.”
  Types of Risk
   Enterprise (Business) Risk, i.e. strategy, compliance, market risk, etc.
   IT Risk, i.e. operations, information security, project/program risk, etc.
  Note: IT Risk is a subset of Enterprise Risk.
  A risk event almost invariably affects the value IT delivers to the business. Risk Governance ensures that Risk Management practices are followed consistently across the enterprise so that the value delivered to the business is maximized.
  Note: From here on, in this manual, the term Risk refers to IT Risk unless specifically stated otherwise.
  • 7. Chapter 1: Risk Management - Introduction
  IT Risk Management Life Cycle (a continuous cycle)
   IT Risk Identification
   IT Risk Assessment
   IT Risk Response and Mitigation
   IT Risk and Control Monitoring and Reporting
  • 8. Chapter 1: Risk Management - Introduction
  IT Risk Management Life Cycle
  What is a Control?
  A systemic (technical), procedural (process), administrative (policy) or physical measure that is used either to eliminate a risk or to reduce the impact of a risk event if it occurs.
  Examples: Anti-virus (AV) software, Cyber Risk Insurance
  Risk and Control Monitoring
   Monitoring of the controls in use is essential to ensure that they remain effective
   Similarly, monitoring of identified risks and of new risks is equally essential
  Examples: Monitoring anti-virus signature updates on all systems; viruses detected and reported by AV; network traffic monitoring to detect anomalies
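  The first monitoring example on this slide (signature updates on all systems) is easy to turn into a key control indicator. The block below is an added example, not part of the course material: it takes a constructed inventory of hosts with the time of their last anti-virus signature update, lists the hosts outside a hypothetical 3-day update SLA, and computes coverage against a hypothetical 95% tolerance. Host names, timestamps, the SLA and the tolerance are all assumptions.

```python
from datetime import datetime, timedelta

# Constructed inventory for illustration: host -> last AV signature update (UTC, ISO 8601).
# None of these hosts or timestamps come from a real environment.
SIGNATURE_INVENTORY = {
    "ws-001":    "2024-03-10T08:15:00",
    "ws-002":    "2024-03-11T02:40:00",
    "srv-db1":   "2024-03-02T23:10:00",  # stale: more than a week old
    "srv-web1":  "2024-03-10T22:05:00",
    "laptop-17": "2024-02-20T12:00:00",  # stale: off the network for weeks
}

# Constructed 'now' so the sample data evaluates the same way every run.
SNAPSHOT = datetime(2024, 3, 11, 12, 0, 0)

# Hypothetical thresholds; in practice they come from the control's design and the
# tolerance agreed with the risk owner.
MAX_SIGNATURE_AGE = timedelta(days=3)   # control objective: every host updated within 3 days
COVERAGE_TOLERANCE = 0.95               # key control indicator (KCI): >= 95% of hosts in SLA


def stale_hosts(inventory, now, max_age=MAX_SIGNATURE_AGE):
    """Hosts whose last signature update is older than max_age, sorted by name."""
    return sorted(
        host for host, updated in inventory.items()
        if now - datetime.fromisoformat(updated) > max_age
    )


def control_coverage(inventory, now, max_age=MAX_SIGNATURE_AGE):
    """Fraction of hosts within the update SLA: the KCI value for this control."""
    if not inventory:
        return 0.0
    return 1.0 - len(stale_hosts(inventory, now, max_age)) / len(inventory)


def kci_report(inventory, now, max_age=MAX_SIGNATURE_AGE, tolerance=COVERAGE_TOLERANCE):
    """Summarize the control's state for the risk register or a monitoring dashboard.

    'breached' means the control is no longer operating within tolerance, so the
    residual risk it mitigates has to be re-assessed: monitoring feeds back into
    identification, which is why the lifecycle is drawn as a cycle.
    """
    stale = stale_hosts(inventory, now, max_age)
    coverage = control_coverage(inventory, now, max_age)
    return {
        "coverage": round(coverage, 3),
        "stale_hosts": stale,
        "breached": coverage < tolerance,
    }


if __name__ == "__main__":
    print(kci_report(SIGNATURE_INVENTORY, SNAPSHOT))
```

  With the sample data two of five hosts are outside the SLA, coverage is 60% and the indicator is breached; the two host names are what the risk owner needs in order to decide whether the gap is an operational slip or a sign that the control itself no longer works.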
  • 9. Chapter 1: Risk Management - Introduction
  IT Risk Management Life Cycle
  Risk Response Types
   Eliminate/Avoid
    • Risks that threaten the survival of the organization must be eliminated
    • Example: A business model that relies extensively on robotics for operations, where the local government passes legislation to protect the interests of industrial labour (thereby challenging the business model)
   Mitigate/Reduce
    • Risks that threaten the realization of benefits to the business
    • Example: An IT disruption (i.e. a data centre outage) causing business downtime
   Transfer
    • Risks that can be transferred to a third party
    • Example: Cyber Risk Insurance
   Accept
    • Risks that are least likely to occur and where the cost of mitigation far outweighs the benefit
    • Example: A data centre (DC) located in a hurricane-prone area. Relocating, or building a secondary DC, would be more expensive than the expected loss. Relocating data backups to an offsite location is a good mitigation, but beyond that the (downtime) risk is accepted.
  • 10. Chapter 1: Risk Management - Introduction
  Risk Governance
  [Diagram] Enterprise Risk Management (ERM), reporting to the Board of Directors, comprises Business Risk Management and IT Risk Management across Unit 1, Unit 2, Unit 3, … The cycle of Risk Identification, Risk Assessment, Risk Response and Mitigation, Risk Monitoring and Risk Reporting feeds a shared Risk Register.
  • 11. Chapter 1: Risk Management - Introduction
  Risk Management Frameworks & Methodologies
   ISO/IEC 27005:2018 (Information Security Risk Management)
   NIST SP 800-30
   Factor Analysis of Information Risk (FAIR)
   Risk IT Framework from ISACA
   ISO 31000:2018
   COBIT® for Risk
   COSO
  • 12. Chapter 1: Risk Management - Introduction
  Knowledge Test
   Cite a few examples of Risks related to Information Technology.
   When is it advisable to accept a Risk?
   The Risk Management process is linear. True/False?
   Give an example of a Control that helps in avoiding Risk.
   The Risk Register contains only IT-related Risks. True/False?
   Who reports to the board about the Risk Management status?
  • 13. Chapter 2: Risk Identification
  • 14. Chapter 2: Risk Identification
  Note: Participants are requested to review the documentation for the commonly used Risk Management frameworks (listed at the end of Chapter 1) to familiarize themselves with them. The CRISC exam doesn’t test knowledge of any particular standard or framework, though.
  Assets, Threats and Vulnerabilities
   Asset – Any tangible or intangible entity that should be protected to ensure delivery of value to the business
  Example: People, reputation, information, processes, technology infrastructure, etc.
   Threat – Anything that can erode the value of an Asset; refers to a potential adverse event
  Example: Unencrypted data being eavesdropped on a network
   Threat Agent – Anything that gives rise to a threat; something that can make the threat real
  Example: A third-party user gaining access to the corporate wireless network by virtue of weak authentication
   Vulnerability – A systemic or procedural weakness in a process or a system that the threat agent can exploit
  • 15. Chapter 2: Risk Identification
  Assets, Threats and Vulnerabilities
  Risk can also be defined as “the likelihood of a threat agent making the threat real by exploiting the vulnerability found on the Asset”.
  • 16. Chapter 2: Risk Identification
  Risk Identification Techniques
   Risk Identification is the organized set of processes to
    • Identify Assets
    • Assess their value to the organization (quantitative or qualitative)
    • Identify Vulnerabilities, Threats and potential Threat Agents
    • Identify Stakeholders for Risk Identification and Risk Ownership
    • Develop Risk Scenarios based on the information collected
    • Develop the Risk Register
    • Communicate Risk to Senior Management
    • Develop the Risk Awareness program
  • 17. Chapter 2: Risk Identification
  Risk Culture
   The organizational culture towards Risk, and the business strategy, should be studied and understood properly for effective Risk Management
   Some organizations are risk-taking (for example, an eCommerce company migrating to a new cutting-edge technology platform as soon as it is made available in the market) and some are risk-averse (a company that continues to use a legacy system for its operations)
   What may seem to be a Risk to one organization (risk-averse) may be seen as an opportunity by another (risk-taking)
   The Risk practitioner should consider the organization’s culture towards risk and its business strategy as inputs to the Risk Identification process
  • 18. Chapter 2: Risk Identification
  Laws, Regulations, Standards and Compliance
   The Risk Practitioner should have a clear understanding of all the laws, regulations and standards that apply in general, and of those specific to the industry the organization belongs to
    • Example: the PCI DSS standard for companies that handle payment card data; GDPR for any organization that processes the personal data of individuals in the European Union (EU)
   Non-compliance with applicable laws, regulations or standards may cause loss of reputation and/or monetary losses, and may attract penalties
   An Information Systems Audit is an effective method of checking compliance status
   Audit Reports serve as valuable inputs to the Risk Identification process
  • 19. Chapter 2: Risk Identification
  Organizational Structure
   Large organizations typically have a dedicated Chief Risk Officer (CRO) who is in charge of Enterprise Risk Management (ERM)
   Each Business Unit can have a team or an individual that handles Risk Management for that unit
   The structure of the Risk Management team can be based on the overall size of the organization
   The CIO oversees Risk Management within the IT department
   Some organizations have a GRC sub-team within IT to handle IT Risk Management
   The Risk Practitioner should have a clear understanding of the Risk Management team’s organization and reporting structure
   A RACI matrix can help in establishing accountability clearly
  • 20. Chapter 2: Risk Identification
  Risk Appetite and Risk Tolerance
   Risk Appetite and Tolerance are defined at the organizational level by senior management
   Risk Appetite refers to the level of Risk that is desirable, and is set by the board or senior management
    • Risk Appetite is a broader-level definition of how much risk can be taken without affecting the business
    • Example: The board may decide that the organization can sustain a loss of revenue of 5% from one category of products
   Tolerance is the tolerable deviation from the limits set by the Risk Appetite
    • Tolerance is a narrower definition of the range of deviation from the limit set by the Risk Appetite
    • Example: The board may decide that the organization can sustain a loss of revenue of 5% from one category of products with a tolerance of +/- 2%, i.e. the loss of revenue can be between 3% and 7% (max).
   Both Risk Appetite and Tolerance change over time based on several factors, and so need to be reviewed from time to time.
  • 21. Chapter 2: Risk Identification
  Residual Risk
   When a Risk is mitigated by an appropriate Control, either the likelihood or the impact of the Risk is reduced sufficiently (in line with the Risk Appetite and Tolerance)
   But the Risk is still not completely eliminated; some part of it still exists
   The remaining part of the Risk (likelihood and impact) is called the Residual Risk
   Periodic and regular monitoring is required to ensure the Residual Risk doesn’t cross the levels set by the Risk Appetite
   Identifying Residual Risks (post Risk Response and Mitigation) is an essential part of Risk Management (remember, the Risk Management process is cyclic)
   Residual Risks should be treated like primary Risks if they are likely to exceed the limits acceptable to the organization
  • 22. Chapter 2: Risk Identification
  Risk Identification Techniques
   Evidence Based
    • Historical records
    • System logs, access logs
    • Audit reports
    • Vulnerability analysis reports
    • CERT advisories from vendors and other organizations
    • Process documentation review
    • Third-party contracts
   Expert Review
    • SME review of processes, practices followed, etc.
   Peer Review or Interviewing
    • Review the processes of each business unit with the respective department staff
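  System and access logs are the most concrete evidence source in the list above, and the weak-authentication example from slide 14 is exactly the kind of scenario they surface. The block below is an added example, not part of the course material: it parses a constructed set of sshd-style authentication log lines (hostnames, user names and RFC 5737 documentation addresses are all made up), counts failed password attempts per source address, and records any password login accepted from a source that had already crossed a hypothetical threshold. The output is a draft risk-scenario line per finding, ready to be qualified and entered in the Risk Register.

```python
import re
from collections import defaultdict

# Constructed sshd-style auth log lines; nothing here comes from a real system.
SAMPLE_AUTH_LOG = """\
Mar 11 09:01:02 vpn-gw sshd[2210]: Failed password for admin from 203.0.113.7 port 51012 ssh2
Mar 11 09:01:05 vpn-gw sshd[2210]: Failed password for admin from 203.0.113.7 port 51013 ssh2
Mar 11 09:01:09 vpn-gw sshd[2210]: Failed password for root from 203.0.113.7 port 51014 ssh2
Mar 11 09:01:12 vpn-gw sshd[2210]: Failed password for admin from 203.0.113.7 port 51015 ssh2
Mar 11 09:01:20 vpn-gw sshd[2211]: Accepted password for admin from 203.0.113.7 port 51016 ssh2
Mar 11 09:03:44 vpn-gw sshd[2230]: Failed password for jsmith from 198.51.100.20 port 40022 ssh2
Mar 11 09:03:51 vpn-gw sshd[2231]: Accepted publickey for jsmith from 198.51.100.20 port 40023 ssh2
Mar 11 09:10:00 vpn-gw sshd[2240]: Accepted publickey for deploy from 198.51.100.30 port 40100 ssh2
"""

# sshd writes "Failed password for invalid user X" for unknown accounts; the optional
# group keeps the user name in that case instead of capturing the word "invalid".
AUTH_LINE = re.compile(
    r"sshd\[\d+\]: (?P<result>Failed|Accepted) (?P<method>\w+) for (?:invalid user )?"
    r"(?P<user>\S+) from (?P<src>\d{1,3}(?:\.\d{1,3}){3})"
)


def parse_auth_events(log_text):
    """Extract result, method, user and source from each sshd auth line; skip the rest."""
    events = []
    for line in log_text.splitlines():
        match = AUTH_LINE.search(line)
        if match:
            events.append(match.groupdict())
    return events


def auth_findings(log_text, failure_threshold=3):
    """Turn raw log evidence into risk-identification findings keyed by source address.

    A source reaching `failure_threshold` failed password attempts is evidence of a
    credential-guessing threat agent. A password login accepted from that source
    afterwards is stronger evidence: it points at a weak-authentication vulnerability
    on the asset and belongs in a risk scenario, not just in a log.
    """
    failures = defaultdict(int)
    findings = {}
    for event in parse_auth_events(log_text):
        src = event["src"]
        if event["result"] == "Failed":
            failures[src] += 1
            if failures[src] >= failure_threshold:
                entry = findings.setdefault(
                    src, {"failed_attempts": 0, "accepted_after_failures": []})
                entry["failed_attempts"] = failures[src]
        elif src in findings and event["method"] == "password":
            findings[src]["accepted_after_failures"].append(event["user"])
    return findings


def risk_scenarios(findings, asset="vpn-gw"):
    """One draft risk-scenario line per finding, for review before it enters the register."""
    lines = []
    for src, entry in sorted(findings.items()):
        scenario = (f"Threat agent at {src} made {entry['failed_attempts']} failed "
                    f"password attempts against asset {asset}")
        if entry["accepted_after_failures"]:
            users = ", ".join(entry["accepted_after_failures"])
            scenario += (f"; subsequently authenticated by password as {users} "
                         f"(weak authentication suspected)")
        lines.append(scenario)
    return lines


if __name__ == "__main__":
    for line in risk_scenarios(auth_findings(SAMPLE_AUTH_LOG)):
        print(line)
```

  The single failed attempt from 198.51.100.20 followed by a public-key login never becomes a finding; the four failures from 203.0.113.7 followed by an accepted password for admin do. The threshold is deliberately a parameter: the value that separates noise from evidence depends on the asset and should be agreed with its owner.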
  • 23. Chapter 2: Risk Identification
  Areas for IT Risk Identification
   IT Infrastructure – hardware/software/Data Centres – review documentation and inspect existing controls, if any
   SDLC (for organizations using in-house software development)
   Project/Program Management (Risks related to projects/programs)
   Supplier Contracts
   Business Continuity Planning (BCP) and Disaster Recovery (DR) Management
   IT Operations (ITIL V3 process audit reports)
   New Technologies (i.e. Cloud, AI, Blockchain, etc.) relevant to the organization, and the Risks involved in adopting them
   Data or Information Assets
24. Chapter 2: Risk Identification
IT Risk Analysis
• Risk Analysis can be Qualitative or Quantitative
  - Qualitative: ranks each risk as high, medium or low; subjective; easier to perform
  - Quantitative: gives a numerical score to each risk; objective; very difficult
• A thorough analysis will be done during the Assessment phase; a high-level analysis is required here to capture all relevant data, for the initial classification of risks, and for developing the Risk Register
• Use the following techniques for identifying risks and evaluating the existing controls
  - Root Cause Analysis
  - FMEA (Failure Mode Effect Analysis)
  - Gap Analysis
  - Cost-Benefit Analysis (RoI)
25. Chapter 2: Risk Identification
Information Security Risk
• CIA Triad: Confidentiality, Integrity and Availability
• Identify Risks related to the above (e.g. absence of an HA cluster, storing data without encryption etc.)
• Consider the following controls for mitigating such risks
  - Authentication, Authorization, Auditing (AAA)
  - Identity Management
• Consider the following controls for mitigating risks related to people
  - SoD (Segregation of Duties)
  - Job Rotation
  - Dual Control
26. Chapter 2: Risk Identification
Risk Scenarios
• Use all the captured information w.r.t. Risks, i.e. Threats, Agents, Vulnerabilities, Risks, Classification, Impact Assessment, existing controls etc., and prepare detailed scenarios
• Qualify the Risks identified, then review and tabulate them into a Risk Register document
• Classify the Risks (initial classification) based on impact and likelihood
• Use Qualitative and Quantitative methods as appropriate
• Keep all supporting documentation (evidence collected) for further review
• Consider Business objectives, Risk Appetite and Tolerance
• Identify Residual Risks (where Controls exist)
27. Chapter 2: Risk Identification
Risk Register
Refer to a standard Risk Register template and try to understand its content and structure.
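As an added illustration (not part of the Invensis deck), the following Python builds a minimal risk register that records the inherent and residual high/medium/low classification from the Risk Analysis slide, applies the Residual Risk idea (existing controls lower likelihood or impact but never remove the risk), and flags rows whose residual score exceeds the appetite plus tolerance band from the Risk Appetite slide. The 1..3 scale, the control reductions and the two sample rows are constructed assumptions.

```python
from dataclasses import dataclass, field

LOW, MEDIUM, HIGH = 1, 2, 3  # assumed qualitative scale for likelihood and impact

@dataclass
class Control:
    name: str
    likelihood_reduction: int = 0  # scale steps the control removes from likelihood
    impact_reduction: int = 0      # scale steps the control removes from impact

@dataclass
class Risk:
    risk_id: str
    scenario: str
    likelihood: int  # inherent likelihood, before any control
    impact: int      # inherent impact, before any control
    controls: list = field(default_factory=list)

    def inherent_score(self) -> int:
        return self.likelihood * self.impact

    def residual_score(self) -> int:
        """Likelihood x impact after existing controls; neither factor drops below LOW,
        so a residual risk always remains even when controls are strong."""
        lik = max(LOW, self.likelihood - sum(c.likelihood_reduction for c in self.controls))
        imp = max(LOW, self.impact - sum(c.impact_reduction for c in self.controls))
        return lik * imp

def rating(score: int) -> str:
    """Map a 1..9 score onto the high/medium/low classification used on the slides."""
    return "high" if score >= 6 else "medium" if score >= 3 else "low"

def build_register(risks, appetite_score: int, tolerance: int):
    """One register row per risk; a residual score above appetite + tolerance needs treatment."""
    return [{
        "id": r.risk_id,
        "scenario": r.scenario,
        "inherent": rating(r.inherent_score()),
        "controls": [c.name for c in r.controls],
        "residual": rating(r.residual_score()),
        "needs_treatment": r.residual_score() > appetite_score + tolerance,
    } for r in risks]

# Constructed sample rows, based on the examples given on the Information Security Risk slide.
SAMPLE_RISKS = [
    Risk("R-01", "Critical database server has no HA cluster", MEDIUM, HIGH),
    Risk("R-02", "Customer data stored without encryption", MEDIUM, HIGH,
         [Control("AAA access control", likelihood_reduction=1)]),
]
APPETITE_SCORE, TOLERANCE = 3, 1  # assumed: board accepts "medium" residual risk, +/- one point

if __name__ == "__main__":
    for row in build_register(SAMPLE_RISKS, APPETITE_SCORE, TOLERANCE):
        print(row)
```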
28. Chapter 2: Risk Identification
Risk Communication and Awareness Program
• The organization should use the Risk Register to take Risk-aware business decisions
• The Risk Register serves as a single point of reference for all Risks affecting the business and their current status
• The Risk practitioner should communicate Risks and their current status to all stakeholders
• Information Security Awareness programs should be conducted to raise knowledge about Risks and the various attacks targeting end users
• Information Security Policy, Processes and Standards should be clearly communicated to all employees
29. Chapter 2: Risk Identification
Knowledge Test
1. Can a Risk within the Risk Appetite limits be deemed as accepted?
2. Identify the Risks in the following scenarios:
   1. Multiple users are sharing the same credentials to log in to a system
   2. Data stored on an All Flash Array storage is not being backed up, as Flash is less susceptible to data corruption/loss than magnetic disks
   3. A critical database server is running with a single power supply unit
3. Risk Appetite is constant and doesn't change over time. True or False?
4. Who approves the definition of the Risk Appetite and Tolerance limits?
5. Name a few assets that need to be protected
6. Can a Database Administrator be allowed to create system accounts? If not, why?
7. What are the possible risks in a Cloud Migration project?
30. CONTACT INVENSIS LEARNING
www.invensislearning.com
Email Us: support@invensislearning.com
USA +1-910-726-3695 | IND +91-96-2020-0784
UK +44 2033-223-280 | Germany +49 2119-5987-989
Switzerland +41-22-518-2042 | Hong Kong +852-5803-9039
© Copyright 2019 Invensis Learning Pvt Ltd. All Rights Reserved.