A fully updated self-study guide for the industry-standard information technology risk certification, CRISC
Written by information security risk experts, this complete self-study system is designed to help you prepare for—and pass—ISACA’s CRISC certification exam. CRISC Certified in Risk and Information Systems Control All-in-One Exam Guide, Second Edition features learning objectives, explanations, exam tips, and hundreds of practice questions. Beyond exam prep, this practical guide serves as an ideal on-the-job reference for risk management and IT security professionals.
Covers all exam topics, including:
• IT and cybersecurity governance
• Enterprise risk management and risk treatment
• IT risk assessments and risk analysis
• Controls and control frameworks
• Third-party risk management
• Risk metrics, KRIs, KCIs, and KPIs
• Enterprise architecture
• IT operations management
• Business impact analysis
• Business continuity and disaster recovery planning
• Data privacy
Online content includes:
• 300 practice exam questions
• Test engine that provides full-length practice exams and customizable quizzes by exam topic
Peter H. Gregory, CRISC, CISM®, CISA®, CDPSE™, CIPM®, CISSP®, DRCE, CCSK™, is a career information technologist, conference speaker, and security leader. He is the senior director of cyber GRC in a telecommunications company and the author of over forty books, including CDPSE Certified Data Privacy Solutions Engineer All-in-One Exam Guide, CISA Certified Information Systems Auditor All-in-One Exam Guide, Fourth Edition, and CISM Certified Information Security Manager All-in-One Exam Guide.
Dawn Dunkerley, PhD, CRISC, CISSP, CISSP-ISSAP®, CISSP-ISSEP®, CISSP-ISSMP®, CSSLP®, CompTIA Security+™, is a leading cyberwarfare and cybersecurity researcher and author. She is an editor for The Cyber Defense Review published by the United States Army Cyber Institute and a Fellow of the Americas Institute for Cybersecurity Leadership.
Bobby E. Rogers is an information security engineer working as a contractor for Department of Defense agencies and has secured networks all over the world. His many certifications include CRISC, CISSP-ISSEP, CEH™, MCSE: Security, CompTIA A+™, Network+™, Security+, and Mobility+™.