From the course: ISACA Certified in Risk and Information Systems Control (CRISC) Cert Prep
Join today to access over 25,300 courses taught by industry experts.
Issues, findings and exceptions
From the course: ISACA Certified in Risk and Information Systems Control (CRISC) Cert Prep
Issues, findings and exceptions
- [Instructor] So now that we have all of this information on how we've implemented the controls, how we've designed the controls, and we're actively monitoring the controls, issues, findings, and exceptions are bound to happen. They can come from anywhere, right? An internal or an external review. Maybe management identifies it through one of their self-reviews. As a result of any review process that we have, we can find one of these issues or findings. We need to better understand the context, the root cause, and the background of the issue. Generally talking about an issue in isolation is not helpful. So, for example, if we find that the provisioning process for access is not being done appropriately, right? That level of information isn't enough. Where is the error being found? Is it in the approval process? Is it in the handoff between the people who approve it and the people granting access? How many of these…
Download courses and learn on the go
Watch courses on your mobile device without an internet connection. Download courses using your iOS or Android LinkedIn Learning app.
Contents
-
-
-
-
-
-
(Locked)
Risk response options and selection8m 16s
-
(Locked)
Third-party risk and control8m 53s
-
(Locked)
Risk action plans3m 29s
-
(Locked)
Control standards, frameworks, and types of controls7m 6s
-
(Locked)
Control design and selection13m 30s
-
(Locked)
Control testing7m 30s
-
(Locked)
Data collection and reporting8m 44s
-
(Locked)
Metrics5m 46s
-
(Locked)
Monitoring, reporting and associated techniques9m 13s
-
(Locked)
Issues, findings and exceptions8m 14s
-
(Locked)
-
-