About The CRISC Exam PDF

CRISC Exam Prep Course
ABOUT THE
CRISC EXAM
CRISC EXAM
PREPARATION
Copyright 2016 ISACA. All rights reserved.
Welcome!
CRISC Certification
ISACA Certified in Risk and Information

Systems Control (CRISC) is globally accepted
and recognized.
This program is designed to prepare you for
success on the CRISC exam, one step in the
process of becoming certified.
The program will include:
The CRISC professional demonstrates

skills in both of the following:
Enterprise risk management (ERM)
Information system (IS) control
CRISC addresses the need for

professionals who understand both
technology and how to implement and
align effective risk management and
control frameworks with enterprise goals.
Information about the CRISC exam and certification

Detailed coverage of the body of knowledge required
by CRISC
Activities, exam practice questions and group
discussions
Real-world examples of CRISC subject matter
3
2016 ISACA. All Rights Reserved
CRISC Components
CRISC Accreditation
ERM
IS Control
The discipline by
which an enterprise in
any industry
assesses, controls,
exploits, finances and
monitors risk from all
sources for the
purpose of increasing
the enterprise's shortand long-term value to
its stakeholders.
The combination of
strategic, managerial
and operational
activities involved in
gathering, processing,
storing, distributing
and using information
and its related
technologies.
The CRISC Exam
The American National Standards Instituted (ANSI) has

accredited CRISC under ISO/IEC 17024:2012, General
Requirements for Bodies Operating Certification Systems of
Persons.
Accreditation by ANSI achieves the following:
Promotes the unique qualifications and expertise ISACAs
certifications provide
Protects the integrity of the certifications and provides legal
defensibility
Enhances consumer and public confidence in the certifications
and the people who hold them
Facilitates mobility across borders or industries
More than 18,000 professionals have earned the CRISC

certification since it was introduced in 2010.
6
About the CRISC Exam
The CRISC exam is offered twice annually,

in the months of June and December.
Exam registration dates:
The CRISC Certification Working Group

oversees the development of the CRISC
exam, ensuring that the job practice is
properly tested.
The exam consists of 150 multiple-choice
questions covering the CRISC job practice
domains, as shown here.
Registration opens approximately 8 months prior to

exam date.
Early registration ends approximately 5 months prior
to exam date.
Registration closes approximately 8 weeks prior to
exam date.
Register at www.isaca.org.
7
Job Practice
Basis of the CRISC Exam

The CRISC exam is based on job practices.
These are described in a series of task and
knowledge statements.
Task statements describe the specific tasks the
CRISC candidate should be able to perform.
Knowledge statements are the knowledge
areas required in order for the candidate to
perform the tasks.
Test questions are specifically designed to

validate that the candidate possesses the
knowledge to perform a given task.
9
Exam Questions
10
Exam Questions (contd)
CRISC exam questions are developed with the

intent of measuring and testing both of the
following:
Read each question carefully.

Eliminate known incorrect answers.
Make the best choice possible.
Identify key words or phrases in the question (e.g., MOST,
BEST, or FIRST) before selecting and recording an answer.
Read the provided instructions carefully before attempting to
answer questions.
Practical knowledge
The application of general concepts and standards
All questions are multiple-choice and are designed

for one best answer from the four options given.
Scenario-based questions have the following
features:
Skipping over these directions or reading them too quickly could

result in missing important information and possibly losing credit
points.
Normally include a description of a situation

Require you to answer two or more questions based
on the information provided
11
Answer all questions. There is no penalty for wrong answers.

Grading is based solely on the number of questions answered
correctly.
12
Exam Tips
Exam Tips (contd)

The exam will be scored based on the answer
sheet recording only.
You are urged to record your answers directly
on the answer sheet, not in the question
booklet.
No additional time will be given after the exam
time has elapsed to transfer answers if you
record them in the question booklet.
The following are time-management tips for the

exam:
Become familiar with the exact location of, and the
best travel route to, the exam site prior to the date of
the exam.
Arrive at the exam testing site at the time indicated on
the admission ticket, giving you time to sit down and
get acclimated.
The exam is administered over a four-hour period,
allowing for a little over 1.5 minutes per question.
Pace yourself to complete the entire exam by
attempting an average of 37.5 questions per hour.
13
Day of the Exam
14
Day of the Exam (contd)
Arrive at the testing site at the time indicated on

your admission ticket.
Once the chief examiner begins reading the oral
instructions, no candidate will be admitted to the
test center.
Candidates who do not attend the scheduled
exam date or who arrive after the oral instructions
have begun will not be allowed to sit for the exam.
To be admitted into the test site, candidates must bring

the following:
The email printout or a printout of the downloaded
admission ticket
An acceptable form of photo identification, such as a
drivers license, passport or government ID
It must be a current and original government-issued
identification.
It must not be handwritten.
It must contain both the candidates name as it appears on the
admission ticket and the candidates photograph.
Registered exam-takers who do not sit for their exam

will forfeit their registration fee.
Candidates who do not provide an acceptable form of

identification will not be allowed to sit for the exam and
will forfeit their registration fee.
Candidates can use their admission tickets only at

the designated test center on the admission ticket.
15
16
Exam Rules
Exam Rules (contd)

If you must leave the testing area, seek
authorization or accompaniment by a test proctor.
Candidates who fail to do so will not be allowed to
return to the testing room and will be subject to
disqualification.
The chief examiner or designate at each test
center will read aloud the instructions for entering
information on the answer sheet.
Bring several no. 2 pencils. These will not be provided

at the exam site.
Do not bring the following into the exam site:
Study materials (including notes, paper, books or study
guides), scratch paper or notepads
Any type of communication, surveillance or recording
device (including, but not limited to, cell phones, tablets,
smart watches or eye-wear and mobile devices)
Candidates may want to dress to their own comfort

level.
You must include your exam identification number as

it appears on your admission ticket and any other
requested information on their exam answer sheet.
Failure to do so may result in a delay or errors.
As exam venues vary, every attempt will be made to make

the climate control comfortable at each exam venue, but
this cannot be guaranteed.
17
Exam Scoring
18
The Score Report

Approximately eight weeks after the test date, the
official exam results will be mailed to candidates.
An email containing the candidates pass/fail status
and score will be sent to paid candidates, if they
have given permission for this.
Each candidate who completes the CRISC exam
will receive a score report.
Candidate scores are reported as a scaled

score.
A scaled score is a conversion of a candidates
raw score on the exam to a common scale.
ISACA uses and reports scores on a common
scale from 200 to 800.
To pass, a candidate must receive a score of

450 or higher, which represents a minimum
consistent standard of knowledge as
established by ISACAs CRISC Certification
Working Group.
19
This score report contains a sub-score for each job

practice domain.
These can be useful in identifying those areas in
which further study may be needed, should retaking
the exam be necessary.
20
Certification Steps
Pre-Course Question 1
To earn the CRISC designation, the CRISC

candidate must meet the following requirements:
1.
2.
Which of the following provides the BEST

view of risk management?
Pass the CRISC exam.

Submit an application (within 5 years of the exam
passing date) with verified evidence of a minimum of at
least 3 years of cumulative work experience performing
the tasks of a CRISC professional across at least 2
CRISC domains.
A. An interdisciplinary team
B. A third-party risk assessment service
provider
C. The enterprises IT department
D. The enterprises internal compliance
department
Of the two required domains, one must be risk-related, either

Domain 1 (IT Risk Identification) or 2 (IT Risk Assessment).
There will be no substitutions or experience waivers.
3.
4.
21
Adhere to the ISACA Code of Professional Ethics.

Agree to comply with the CRISC continuing education
policy.
22
The BEST method for detecting and

monitoring a hackers activities without
exposing information assets to
unnecessary risk is to utilize:
A.
B.
C.
D.
23
Which of the following would PRIMARILY

help an enterprise select and prioritize risk
responses?
A. A cost-benefit analysis of available risk
mitigation options
B. The level of acceptable risk per risk appetite
C. The potential to transfer or eliminate the risk
D. The number of controls necessary to reduce
the risk
Firewalls
Bastion hosts
Honeypots
Screened subnets
24
Which of the following should be of MOST
concern to a risk practitioner?
A. Failure to notify the public of an intrusion
B. Failure to notify the police of an attempted
intrusion
C. Failure to internally report a successful
attack
D. Failure to examine access rights periodically
25
THANK YOU!

About The CRISC Exam PDF

Uploaded by

Copyright:

Available Formats

About The CRISC Exam PDF

Uploaded by

Document Information

Original Title

Copyright

Available Formats

Share this document

Share or Embed Document

Sharing Options

Did you find this document useful?

Is this content inappropriate?

Copyright:

Available Formats

About The CRISC Exam PDF

Uploaded by

Copyright:

Available Formats

What are the two components covered by the CRISC certification?

What are the two components covered by the CRISC certification?

What are the steps to earn the CRISC designation?

What are the steps to earn the CRISC designation?

CRISC Exam Prep Course

Copyright 2016 ISACA. All rights reserved.

ISACA Certified in Risk and Information

The CRISC professional demonstrates

CRISC addresses the need for

Information about the CRISC exam and certification

Copyright 2016 ISACA. All rights reserved.

2016 ISACA. All Rights Reserved

Copyright 2016 ISACA. All rights reserved.

CRISC Exam Prep Course

Copyright 2016 ISACA. All rights reserved.

The CRISC Exam

The American National Standards Instituted (ANSI) has

More than 18,000 professionals have earned the CRISC

Copyright 2016 ISACA. All rights reserved.