Information Technology and Security ISACA® CRISC™

What This Course Covers

The course unpacks ISACA®’s four CRISC™ domains: IT risk identification and analysis, risk response planning, risk monitoring and reporting, and IT risk governance. You’ll explore frameworks like COSO and ISO 31000, learn to assess vulnerabilities in context, and understand how to communicate risk to non-technical stakeholders—critical skills when you’re translating technical threats into business impact.

Kevin Henry walks through practical scenarios: prioritising risks under budget constraints, designing control strategies, and embedding risk awareness into IT operations. The Pluralsight platform includes interactive elements and real-world examples, so you’re not just memorising definitions but building the judgment needed to advise leadership on risk trade-offs.

Who Is This Course For?

Ideal for:

• Security professionals pursuing CRISC™: If you’re sitting the ISACA® exam within 3–6 months, this course condenses the syllabus efficiently and highlights exam-heavy topics.
• IT risk and governance specialists: Those moving into risk management, compliance, or audit roles will find the frameworks and communication strategies immediately applicable.
• Security architects and senior engineers: Professionals wanting to formalise risk thinking and speak the language of enterprise risk management will benefit from the structured approach.

May not suit:

• Complete beginners to IT security: CRISC™ assumes foundational knowledge of IT systems, controls, and security concepts. Start with CompTIA Security+ or equivalent first.
• Learners needing deep technical labs: This is conceptual and framework-focused; if you need hands-on penetration testing or infrastructure labs, look elsewhere.

Frequently Asked Questions

How long does Information Technology and Security ISACA® CRISC™ take?

1 hour 43 minutes of video content. Plan 20–30 hours total if you’re studying for the certification exam, including review, practice questions, and supplementary reading.

Is this course enough to pass the CRISC™ exam?

It’s a solid foundation covering all four domains, but ISACA® recommends 3–5 years of risk management experience plus structured study. Pair this with practice exams and the official CRISC™ review manual for best results.

Who is Kevin Henry, and why should I trust him?

Kevin Henry is a recognised cybersecurity educator and author. Pluralsight vets instructors rigorously—only 5.5% of applicants become course authors—so you’re learning from vetted expertise.

Will this help my career outside CRISC™ certification?

Absolutely. The risk frameworks and governance principles apply to any IT security or compliance role. You’ll speak more credibly with auditors, boards, and business leaders.