A fully updated self-study guide for the industry-standard information technology risk certification, CRISC

Written by information security risk experts, this complete self-study system is designed to help you prepare for—and pass—ISACA’s CRISC certification exam. CRISC Certified in Risk and Information Systems Control All-in-One Exam Guide, Second Edition features learning objectives, explanations, exam tips, and hundreds of practice questions. Beyond exam prep, this practical guide serves as an ideal on-the-job reference for risk management and IT security professionals.

Covers all exam topics, including:

• IT and cybersecurity governance


• Enterprise risk management and risk treatment


• IT risk assessments and risk analysis


• Controls and control frameworks


• Third-party risk management


• Risk metrics, KRIs, KCIs, and KPIs


• Enterprise architecture


• IT operations management


• Business impact analysis


• Business continuity and disaster recovery planning


• Data privacy

Online content includes:

• 300 practice exam questions


• Test engine that provides full-length practice exams and customizable quizzes by exam topic