The Certified in Risk and Information Control (CRISC) certification is an established, well-recognized credential from ISACA. A CRISC certification shows employers that you understand how to identify and manage IT risk in an enterprise and that you’re capable of implementing and maintaining the controls necessary to address risks. This series of courses explains the four IT risk management domains. In this course, instructor Jerod Brennen focuses on the second CRISC domain: IT Risk Assessment. Jerod covers basic risk assessment techniques, then goes into how you can dig deeper and determine risk rankings. He goes over how to analyze risk scenarios for your organizational structure, policies, technology, architecture, and more. Jerod discusses how to analyze the effectiveness of your current controls, including leveraging assessments and performing gap analysis. Jerod concludes with useful advice on communicating your risk assessment results and updating your risk register.
- Jerod Brennen Storyteller, Speaker, Teacher, Strategic Advisor, & Security Solutions Architect
Jerod Brennen is a security architect, advisor, speaker, and teacher. He has 20+ years of infosec experience.
Jerod focuses on helping people improve the security of the technologies and business processes at their organizations. Whether serving as a consultant, manager, or specialist, he focuses on information risk management and presents regularly at infosec conferences. Jerod has hands-on experience in application security, business analysis, compliance, access management, penetration testing, risk assessment, security architecture, incident response, and strategic planning.