From the course: ISACA Certified in Risk and Information Systems Control (CRISC) Cert Prep
Join today to access over 25,300 courses taught by industry experts.
Control design and selection
From the course: ISACA Certified in Risk and Information Systems Control (CRISC) Cert Prep
Control design and selection
- [Instructor] So now that we understand the types of controls that exist or where we might source those controls from, we're going to actually design and select those controls. So as we look at what controls we should implement, we want to take a look at things like: What is the current risk level? What's going well? Where do we need to improve? Where could there potentially be vulnerabilities in the future? Maybe in our process execution or in our technology, where we're going to want to invest within our organization to make sure that we don't have those risk events occur. So where would we get this type of data? We would look at things like third-party assessments, audits, maybe performance data we have, feedback from individuals, information from the industry or from competitors about what type of risk events or just general activities are happening to them. And we also want to make sure that we take a look at…
Download courses and learn on the go
Watch courses on your mobile device without an internet connection. Download courses using your iOS or Android LinkedIn Learning app.
Contents
-
-
-
-
-
-
(Locked)
Risk response options and selection8m 16s
-
(Locked)
Third-party risk and control8m 53s
-
(Locked)
Risk action plans3m 29s
-
(Locked)
Control standards, frameworks, and types of controls7m 6s
-
(Locked)
Control design and selection13m 30s
-
(Locked)
Control testing7m 30s
-
(Locked)
Data collection and reporting8m 44s
-
(Locked)
Metrics5m 46s
-
(Locked)
Monitoring, reporting and associated techniques9m 13s
-
(Locked)
Issues, findings and exceptions8m 14s
-
(Locked)
-
-