ISACA CRISC Guide 6th Edition.

The technical skills and practices that CRISC promotes and evaluates are the
building blocks of success in the field. Possessing the CRISC designation
demonstrates proficiency and is the basis for measurement in the profession. With a
growing demand for professionals possessing risk and control skills,
CRISC has positioned itself to be the preferred certification program by
individuals and enterprises around the world. CRISC certification signifies
commitment
to serving an enterprise and the chosen profession with distinction.

Domain 1�Risk Identification, Assessment and Evaluation (31 percent): Identify,

assess and evaluate risk to enable the execution of the enterprise risk
management strategy.
� Domain 2�Risk Response (17 percent): Develop and implement risk responses to
ensure that risk factors and events are addressed in a cost-effective
manner and in line with business objectives.
� Domain 3�Risk Monitoring (17 percent): Monitor risk and communicate information
to the relevant stakeholders to ensure the continued effectiveness of
the enterprise�s risk management strategy.
� Domain 4�Information Systems Control Design and Implementation (17 percent):
Design and implement information systems controls in alignment
with the organization�s risk appetite and tolerance levels to support business
objectives.
� Domain 5�Information Systems Control Monitoring and Maintenance (18 percent):
Monitor and maintain information systems controls to ensure that
they function effectively and efficiently.