Detailed Course Outline
- ISRM Part 1: The Big Picture
- About the C)ISRM Exam
- Exam Relevance
- About the C)ISRM Exam
- Section Overview
- Part 1 Learning Objectives
- Section Topics
- Overview of Risk Management
- Risk
- Risk and Opportunity Management
- Responsibility vs. Accountability
- Risk Management
- Roles and Responsibilities
- Relevance of Risk Management Frameworks, Standards and Practices
- Frameworks
- Standards Practices
- Relevance of Risk Governance
- Overview of Risk Governance
- Objectives of Risk Governance
- Foundation of Risk Governance
- Risk Appetite and Risk Tolerance
- Risk Awareness and Communication
- Key Concepts of Risk Governance
- Risk Culture
- Case Study
- Practice Question 1
- Practice Question 2
- Practice Question 3
- Practice Question 4
- Practice Question 5
- Acronym Review
- Definition Review
- ISRM Part II - Domain 1 - Risk Identification, Assessment and Evaluation
- Section Overview
- Exam Relevance
- Domain 1 Learning Objectives
- Task Statements
- Knowledge Statements
- The Process
- Describing the Business Impact of IT Risk
- IT Risk in the Risk Hierarchy
- IT Risk Categories
- High Level Process Phases
- Risk Scenarios
- Definition of Risk Scenario
- Purpose of Risk Scenarios
- Event Types
- Risk Scenario Development
- Risk Registry & Risk Profile
- Risk Scenario Development
- Risk Scenario Components
- Risk Scenario Development
- Risk Scenario Development Enablers
- Systemic, Contagious or Obscure Risk
- Generic IT Risk Scenarios
- Definition of Risk Factor
- Examples of Risk Factors
- Risk Factors—External Environment
- Risk Factors-Risk Management Capability
- Risk Factors—IT Capability
- Risk Factors—IT Related Business Capabilities
- Methods for Analyzing IT Risk
- Likelihood and Impact
- Risk Analysis Output
- Risk Analysis Methods
- Risk Analysis Methods—Quantitative
- Risk Analysis Methods—Qualitative
- Risk Analysis Methods—for HIGH impact risk types
- Risk Analysis Methods
- Risk Analysis Methods—Business Impact Analysis (BIA)
- Methods for Assessing IT Risk
- Identifying and Assessing IT Risk
- Definitions
- Adverse Impact of Risk Event
- Business Impacts From IT Risk
- Business Related IT Risk Types
- IT Project-Related Risk
- Risk Components—Inherent Risk
- Risk Components—Control Risk
- Risk Components—Detection Risk
- Business Risk and Threats Addressed By IT Resources
- Identifying and Assessing IT Risk
- Methods For Describing IT Risk In Business Terms
- Case Study
- Acronym Review
- Definition Review
- Domain 1–Exercises
- ISRM Part II - Domain 2 - Risk Response
- Section Overview
- Exam Relevance
- Domain 2 Learning Objectives
- Task Statements
- Knowledge Statements
- Risk Response Objectives
- The Risk Response Process
- Risk Response Options
- Risk Response Parameters
- Risk Tolerance and Risk Response Options
- Risk Response Prioritization Options
- Risk Mitigation Control Types
- Risk Response Prioritization Factors
- Risk Response Tracking, Integration and Implementation
- Process Phases
- Phase 1—Articulate Risk
- Phase 2—Manage Risk
- Phase 3—React To Risk Events
- Sample Case Study
- Domain 2–Exercise 1
- ISRM Part II - Domain 3 - Risk Monitoring
- Course Agenda
- Exam Relevance
- Learning Objectives
- Task Statements
- Knowledge Statements
- Essentials
- Risk Indicators
- Risk Indicator Selection Criteria
- Key Risk Indicators
- Risk Monitoring
- Risk Indicator Types and Parameters
- Risk Indicator Considerations
- Criteria for KRI Selection
- Benefits of Selecting Right KRIs
- Disadvantages of Wrong KRIs
- Changing KRIs
- Gathering KRI Data
- Steps to Data Gathering
- Gathering Requirements
- Data Access
- Data Preparation
- Data Validating Considerations
- Data Analysis
- Reporting and Corrective Actions
- Optimizing KRIs
- Use of Maturity Level Assessment
- Assessing Risk Maturity Levels
- Risk Management Capability Maturity Levels
- Changing Threat Levels
- Monitoring Changes in Threat Levels
- Measuring Changes in Threat Levels
- Responding to Changes in Threat Levels
- Threat Level Review
- Changes in Asset Value
- Maintain Asset Inventory
- Risk Reporting
- Reporting Content
- Effective Reports
- Report Recommendations
- Possible Risk Report Recipients
- Periodic Reporting
- Reporting Topics
- Risk Reporting Techniques
- Sample Case Study
- Practice Question 1
- Practice Question 2
- Practice Question 3
- Practice Question 4
- Acronym Review
- Definition Review
- Domain 3–Exercises
- ISRM Part II - Domain 4 - IS Control Design and Implementation
- Section Overview
- Exam Relevance
- Domain 4 Learning Objectives
- Task Statements
- Knowledge Statements
- C)ISRM Involvement
- Control Definition
- Control Categories
- Control Types and Effects
- Control Methods
- Control Design Considerations
- Control Strength
- Control Costs and Benefits
- Potential Loss Measures
- Total Cost of Ownership For Controls
- Role of the C)ISRM in SDLC
- The SDLC Process
- Outcomes of the Feasibility Study
- Task 1—Define Requirement
- Requirement Progression
- Business Information Requirements (COBIT)
- Requirements Success Factors
- Task 3—Acquire Software “Options”
- Software Selection Criteria
- Software Acquisition
- Software Acquisition Process
- Leading Principles for Design and Implementation
- C)ISRM Responsibilities
- Key System Design Activities:
- Steps to Perform Phase 2
- Phase 2 - Project Design and Development
- System Testing
- Test Plans
- Project Testing
- Types of Tests
- UAT Requirements
- Certification and Accreditation
- Project Status Reports
- Phase 3 - Project Testing
- Testing Techniques
- Verification and Validation
- Phase 4 - Project Implementation
- Project Implementation
- The Systems Development Life Cycle (SDLC)
- ‘Meets and Continues to Meet’
- SDLC
- SDLC Phases
- Addressing Risk Within the SDLC
- Business Risk versus Project Risk
- Understanding Project Risk
- Addressing Business Risk
- Understanding Business and Risk Requirements
- Understand Business Risk
- High Level SDLC Phases
- Project Initiation
- Phase 1–Project Initiation
- Phase 1 Tasks
- Task 1—Feasibility Study
- Feasibility Study Components
- Determining Feasibility
- Implementation Phases
- Phase 4 - Project Implementation
- End User Training Plans & Techniques
- Training Strategy
- Data Migration/Conversion Considerations
- Risks During Data Migration
- Data Conversion Steps
- Implementation Rollback
- Data Conversion Project Key Considerations
- Changeover Techniques
- Post-Implementation Review
- Performing Post-Implementation Review
- Measurements of Critical Success Factors
- Closing a Project
- Project Management and Controlling
- Project Management Tools and Techniques
- Project Management Elements
- Project Management Practices
- PERT chart and critical path
- PERT Attribute
- Sample Case Study
- Practice Question 1
- Practice Question 2
- Practice Question 3
- Practice Question 4
- Practice Question 5