CRISC Review Manual 6th Edition

More about the book

The new CRISC Review Manual 2011 serves as a comprehensive guide for individuals preparing for the CRISC exam, focusing on IT-related business risk management roles. Developed by global experts, this edition covers essential concepts in key CRISC job practice areas: risk identification, assessment, response, monitoring, and IS control design and implementation. The manual is divided into two parts. Part I offers an in-depth overview of the IT risk management process and the design, implementation, monitoring, and maintenance of information systems (IS) controls. Each chapter outlines the definitions and objectives for the five CRISC job practice domains, detailing the tasks performed by risk management professionals and the knowledge tested in the exam. It also includes sample practice questions, answer explanations, and suggested resources for further study. Part II delves into selected business and IT processes related to enterprise risk. It explains the significance of each process in achieving business objectives, introduces key concepts, provides real-life examples of common risks, lists key risk indicators, and describes IS controls that support these processes. Additionally, it offers a practitioner's perspective and recommended reading materials. This manual is an excellent resource for individual study and can also serve as a guide for study groups and local review courses.