You're reading from ISACA Certified in Risk and Information Systems Control (CRISC®) Exam Guide A primer on GRC and an exam guide for the most recent and rigorous IT risk certification

Product type Paperback

Published in Sep 2023

Publisher Packt

ISBN-13 9781803236902

Length 316 pages

Edition 1st Edition

Concepts

Cybersecurity

Author (1):

Shobhit Mehta

View More author details

Table of Contents (28) Chapters

Preface

1. Part 1: Governance, Risk, and Compliance and CRISC

2. Chapter 1: Governance, Risk, and Compliance FREE CHAPTER

3. Chapter 2: CRISC Practice Areas and the ISACA Mindset

4. Part 2: Organizational Governance, Three Lines of Defense, and Ethical Risk Management

5. Chapter 3: Organizational Governance, Policies, and Risk Management

6. Chapter 4: The Three Lines of Defense and Cybersecurity

7. Chapter 5: Legal Requirements and the Ethics of Risk Management

8. Part 3: IT Risk Assessment, Threat Management, and Risk Analysis

9. Chapter 6: Risk Management Life Cycle

10. Chapter 7: Threat, Vulnerability, and Risk

11. Chapter 8: Risk Assessment Concepts, Standards, and Frameworks

12. Chapter 9: Business Impact Analysis, and Inherent and Residual Risk

13. Part 4: Risk Response, Reporting, Monitoring, and Ownership

14. Chapter 10: Risk Response and Control Ownership

15. Chapter 11: Third-Party Risk Management

16. Chapter 12: Control Design and Implementation

17. Chapter 13: Log Aggregation, Risk and Control Monitoring, and Reporting

18. Part 5: Information Technology, Security, and Privacy

19. Chapter 14: Enterprise Architecture and Information Technology

20. Chapter 15: Enterprise Resiliency and Data Life Cycle Management

21. Chapter 16: The System Development Life Cycle and Emerging Technologies

22. Chapter 17: Information Security and Privacy Principles

23. Part 6: Practice Quizzes

24. Chapter 18: Practice Quiz – Part 1

25. Chapter 19: Practice Quiz – Part 2

26. Index

Why subscribe?

27. Other Books You May Enjoy

IT risk management life cycle

There are six steps in the IT risk management life cycle, starting from risk identification to risk monitoring. Each step is equally important to ensure that an organization does not only identify and assess the risk, but treats it according to its impact on the business and risk appetite, reports to the executives and key decision makers in an understandable report, and lastly, performs continuous monitoring of the risk and controls.

The following list details the key steps for IT risk management:

Risk identification:

Risk identification is the first step in IT risk management. An organization can only assess and treat the risk that it knows exists. Any failure to identify risks could lead to an organization not including those risks in its strategic planning and not giving them the due attention required.

In IT risk management, it is important for the risk practitioner to be aware of the technologies used in the organization and...

The rest of the chapter is locked

You're reading from ISACA Certified in Risk and Information Systems Control (CRISC®) Exam Guide A primer on GRC and an exam guide for the most recent and rigorous IT risk certification

Table of Contents (28) Chapters

IT risk management life cycle

Authors (1)

Personalised recommendations for you

You're reading from ISACA Certified in Risk and Information Systems Control (CRISC®) Exam Guide A primer on GRC and an exam guide for the most recent and rigorous IT risk certification

Table of Contents (28) Chapters

IT risk management life cycle

Unlock this book and the full library FREE for 7 days

Authors (1)

Personalised recommendations for you