ISACA Certified in Risk and Information Systems Control (CRISC®) Exam Guide: A primer on GRC and an exam guide for the most recent and rigorous IT risk certification


ISACA Certified in Risk and Information Systems Control (CRISC®) Exam Guide: A primer on GRC and an exam guide for the most recent and rigorous IT risk certification
Author: Shobhit Mehta (Author), Vikas Yadav (Foreword)
Publisher finelybook 出版社:‏ Packt Publishing
Publication Date 出版日期:‏ 2023-09-08
Language 语言: English
Print Length 页数: 316 pages
ISBN-10: 1803236906
ISBN-13: 9781803236902

Book Description

Prepare to pass the ISACA CRISC exam with confidence, gain high-value skills, and propel yourself toward IT risk management mastery

Key Features

  • Gain end-to-end coverage of all the topics assessed in the ISACA CRISC exam
  • Apply and embed your learning with the help of practice quizzes and self-assessment questions
  • Have an in-depth guide handy as you progress in your enterprise IT risk management career
  • Purchase of the print or Kindle book includes a free PDF eBook

Book Description

For beginners and experienced IT risk professionals alike, acing the ISACA CRISC exam is no mean feat, and the application of this advanced skillset in your daily work poses a challenge. The ISACA Certified in Risk and Information Systems Control (CRISC®) Certification Guide is a comprehensive guide to CRISC certification and beyond that’ll help you to approach these daunting challenges with its step-by-step coverage of all aspects of the exam content and develop a highly sought-after skillset in the process.

This book is divided into six sections, with each section equipped with everything you need to get to grips with the domains covered in the exam. There’ll be no surprises on exam day – from GRC to ethical risk management, third-party security concerns to the ins and outs of control design, and IDS/IPS to the SDLC, no stone is left unturned in this book’s systematic design covering all the topics so that you can sit for the exam with confidence. What’s more, there are chapter-end self-assessment questions for you to test all that you’ve learned, as well as two book-end practice quizzes to really give you a leg up.

By the end of this CRISC exam study guide, you’ll not just have what it takes to breeze through the certification process, but will also be equipped with an invaluable resource to accompany you on your career path.

What you will learn

  • Adopt the ISACA mindset and learn to apply it when attempting the CRISC exam
  • Grasp the three lines of defense model and understand risk capacity
  • Explore the threat landscape and figure out vulnerability management
  • Familiarize yourself with the concepts of BIA, RPO, RTO, and more
  • Get to grips with the four stages of risk response
  • Manage third-party security risks and secure your systems with ease
  • Use a full arsenal of InfoSec tools to protect your organization
  • Test your knowledge with self-assessment questions and practice quizzes

Who this book is for

If you are a GRC or a risk management professional with experience in the management of IT audits or in the design, implementation, monitoring, and maintenance of IS controls, or are gearing up to take the CRISC exam, then this CRISC book is for you. Security analysts, penetration testers, SOC analysts, PMs, and other security or management professionals and executives will also benefit from this book.

Table of Contents

  1. Governance, Risk, and Compliance
  2. CRISC Practice Areas and the ISACA Mindset
  3. Organizational Governance, Policies, and Risk Management
  4. The Three Lines of Defense and Cybersecurity
  5. Legal Requirements and the Ethics of Risk Management
  6. Risk Management Life Cycle
  7. Threat, Vulnerability, and Risk
  8. Risk Assessment Concepts, Standards, and Frameworks
  9. Business Impact Analysis, and Inherent and Residual Risk
  10. Risk Response and Control Ownership
  11. Third-Party Risk Management
  12. Control Design and Implementation
  13. Log Aggregation, Risk and Control Monitoring, and Reporting
  14. Enterprise Architecture and Information Technology
  15. Enterprise Resiliency and Data Life Cycle Management

(N.B. Please use the Look Inside option to see further chapters)

Review

“I would recommend this book to both aspiring GRC and risk management professionals. This will help them get a well-rounded overview of the entire GRC and risk management area. For those on the technical side, the book is a good introduction to risk management. It will help them develop as versatile security professionals and future cyber leaders. Besides his expertise in cybersecurity, Shobhit is also an avid long-distance runner. He brings the same discipline to this book as in running – it is well-researched, meticulous, and an engrossing read. For those who love running to be fit, it is always enjoyable to go on a long run despite the pain and hard work. Shobhit’s book provides a similar experience that will enrich your cybersecurity knowledge and help you grow in your career. I am sure this book will help you in demystifying cybersecurity for management and the board while earning an important certification milestone in your cybersecurity career.”

Vikas Yadav

CISO, Flipkart

About the Author

Shobhit Mehta is the Security and Compliance Director at Headspace, an on-demand mental health company in San Francisco, CA. Previously, he worked in different facets of security and assurance with HSBC, Deutsche Bank, Credit Suisse, PayPal, and Fidelity Investments. He also works with ISACA to develop exam questions for CISA, CISM, and CGEIT, served as the technical reviewer for the CGEIT and CISA review manuals, and is a published author for the COBIT 5 journal. He completed his MS in cybersecurity at Northeastern University, Boston, and holds CRISC, CISM, CISA, CGEIT, CISSP, and CCSP certifications. In his spare time, he likes to explore the inclined trails of the Bay Area, complete ultramarathons, and blog on GRCMusings.

Amazon page

打赏
未经允许不得转载:finelybook » ISACA Certified in Risk and Information Systems Control (CRISC®) Exam Guide: A primer on GRC and an exam guide for the most recent and rigorous IT risk certification

评论 抢沙发

觉得文章有用就打赏一下

您的打赏,我们将继续给力更多优质内容

支付宝扫一扫

微信扫一扫