CRISC Boot Camp Training – 2 days

Date:Oct 01, 2016

Accelerated prep training for the official ISACA CRISC Exam

Live, Virtual Instructor-Led, Online Training

LENGTH: 2 Days (Foundation Training)

April 22-23, 2017

Early Bird: $350 until April 1, 2017; $495 After April 1, 2017 


4-Days of CRISC Combo Training: $450
24 hours of CRISC TRAINING with security expert, KRAG BROTBY!


2-day CRISC Prep Training (LIVE, ONLINE): April 29-30, 2017


Begin preparing for the CRISC Exam immediately with the
CRISC Pre-recorded Webinar, then you’ll attend the
CRISC Combo Training $450 (24 HOURS of CRISC PREP)

Complete the Megamind Online Registration Form
( “CRISC Combo Training”):

Complete the Megamind Online Registration Form
( “CRISC Combo Training”):

Attend this LIVE TRAINING from your computer!


1. Complete the  online Registration Form (click here).
2. Pay using PayPal “Buy Now” below.

Enroll and Buy Online Class Dates:

Please note:  After paying, please complete the Megamind online Registration Form. You will receive a confirmation email after completing the registration form and payment.

Want to pay using a purchase order? Then fill out our online Registration form and we will contact you.

Want to request onsite training or learn more about IT training? Then drop us a note using our Contact form.


Taught by International Security Expert Practitioner, Krag Brotby CISM, CGEIT

Why Attend this 2-day CRISC Boot Camp?

This intensive boot camp provides an outstanding preparation for the official CRISC® exam, and is structured to follow the official CRISC Review Manual and examination flow. This boot camp covers each of the core competencies and associated task and knowledge statements, ensuring a detailed and thorough coverage of all of the areas that will be tested. This training is presented in an interactive manner to ensure the examination questions can be analyzed properly to achieve the best answer.

CRISC® (Certified in Risk and Information Systems Control)

The CRISC® certification prepares the IT professional for the challenges of IT and enterprise risk management. Earning a CRISC® helps enterprises to understand business risk, and to have the technical knowledge to implement appropriate IS controls.

The CRISC® focuses on:

  • Risk identification, assessment and evaluation.
  • Risk response.
  • Risk monitoring.
  • IS control design and implementation.

CRISC®  Examination and Certification Requirements:

The CRISC® exam consists of 150 multi-choice questions taken over a 4-hour period.

ISACA uses and reports scores on a common scale from 200 to 800. A candidate must receive a score of 450 or higher to pass the exam. A score of 450 represents a minimum consistent standard of knowledge as established by ISACA’s CRISC® Certification Committee.

A CRISC® candidate receiving a passing score may then apply for certification provided the following requirements are met:

  • CRISC® Certification Job Practice – Effective 2015
  • Prove at least three (3) years of cumulative work experience performing tasks of a CRISC® professional across at least two (2) of the four (4) new domains. Of these 2 required domains, one must be in either Domain 1 or 2.
  • Successful completion of the CRISC® examination (offered worldwide: June & December in two languages at 250 locations).
  • Risk management and information systems control experience.
  • Adhere to the ISACA Code of Professional Ethics.
  • Agree to comply with the CRISC® Continuing Education Policy.

CRISC® Salary Ranking:

  • According to a study conducted by Global Knowledge and Windows IT Pro in the fall of 2014 (2015 IT Skills and Salary Survey), the CRISC® is the highest-paying certification on the 15 Top-Paying Certifications for 2015 ($119,227).
  • CRISC® is among the top five highest paying IT certifications in the Foote Partners IT Skills and Certification Pay Index™ (ITSCPI) for the quarter ending July 1, 2014.Source: Global Knowledge, Windows IT Pro, Foote Partners IT Skills and Certification Pay Index™ (ITSCPI).

For a more detailed description regarding CRISC® qualifications and the ISACA CRISC® exam, visit the website.

CRISC OUTLINE (6 hours per day):

IT Risk Identification

  • Risk Management Good Practice
  • Methods to Identify Risk
  • Risk Culture and Communications
  • The Business IT Risk Strategy
  • Information Security Risk Concepts and Principles
  • Threats and Vulnerabilities Related to Assets
  • Risk Related to Organizational Assets and Business Processes
  • IT Risk Scenarios
  • Ownership and Accountability
  • Risk Capacity, Appetite and Tolerance
  • Risk Awareness

IT Risk Assessment

  • Risk Identification vs. Risk Assessment
  • Analyzing Risk Scenarios
  • Current State of Controls
  • Risk and Control Analysis
  • Risk Analysis Methodologies
  • Documenting Incident Response
  • Business-related Risk
  • Risk Associated with Enterprise Architecture
  • Data Management
  • New Threats and Vulnerabilities
  • Emerging Technologies
  • Industry Trends
  • Third Party Management
  • Project and Program Management
  • Business Continuity and Disaster Recovery Management
  • Exception Management Practices
  • IT Risk Assessment Report
  • Risk Ownership and Accountability
  • Communication IT Risk Assessment Results

IT Risk Response and Mitigation

  • Aligning Risk Response with Business Objectives
  • Risk Response Options
  • Analysis Techniques
  • Vulnerabilities Associated with New Controls
  • Developing a Risk Action Plan
  • Business Process Review Tools and Techniques
  • Control Design and Implementation
  • Control Monitoring and Effectiveness
  • Characteristics of Inherent and Residual Risk
  • Control Activities, Objectives, Practices and Metrics
  • System Control Design and Implementation
  • Impact of Emerging Technologies on Design and Implementation of Controls
  • Control Ownership
  • Risk Management Procedures and Documentation
  • Risk Responses and the Risk Action Plan

IT Risk Control Monitoring and Reporting

  • Key Risk Indicators
  • Key Performance Indicators
  • Data Collection and Extraction Tools and Techniques
  • Changes to the IT Risk Profile



CRISC Boot Camp is recommended for IT and business professionals who identify and manage risks, including:

  • IT professionals
  • Risk professionals
  • Business analysts
  • Project managers
  • Compliance professionals
  • Control professionals


All attendees will receive an electronic copy of the instructor’s actual presentation. Plus, the additional materials as noted below.


All attendees must purchase and study the official ISACA CRISC REVIEW MANUAL PRIOR to ATTENDING the workshop.

  • Krag Brotby’s CRISC Glossary Document (very important to know the terms & definitions)

The CRISC Review Manual can be purchased directly thru the ISACA bookstore (


*All attendees receive a copy of the CRISC Glossary Document, authored by renowned international computer security expert, Krag Brotby CISM, CGEIT.


After the class is held, Megamind provides attendees with:
* All attendees receive a copy of the instructor’s actual slides to be used for the class.
* Access to the online CRISC training class recording.
* Krag’s 100 Sample CRISC Practice Questions & Answers.
* Krag’s Guidance on Your Final Prep Steps for the CRISC exam.
* Megamind Certificate of Completion for the CRISC Prep Training.


Krag Brotby has more than twenty five years of experience in enterprise computer security architecture, governance, risk and metrics and is certified as a CISM and CGEIT. Experience includes intensive involvement in current and emerging security architectures and is a principle in the SABSA Institute. He holds a foundation patent for digital rights management and has published a variety of technical and IT security related articles and books. Mr. Brotby has served as principal author and editor of the ISACA Certified Information Security Manager Review Manual since 2005, and the researcher and author of the widely circulated Information Security Governance, A Guide for Directors and Executive Management, 2nd ed., and the Information Security Governance : Guidance for Information Security Managers. He is the author of Information Security Management Metrics; Auerbach ’09 and Information Security Governance; a practical development and implementation approach; Wiley ‘09, and the co-author of PRAGMATIC Security Metrics; Auerbach ’13.

Mr. Brotby has served on the ISACA Security Practice Development Committee, appointed to the Test Enhancement Committee responsible for exam question development, and to a committee that developed a systems approach to information security called the Business Model for Information Security (BMIS). Brotby is the recipient of the 2009 ISACA John W. Lainhart IV Common Body of Knowledge Award for noteworthy contributions to the information security body of knowledge for the benefit of the global security community.

Mr. Brotby has taught security courses globally during the past decade including the US Pentagon, US Marine Corp, Navy and Army. He is a member of the California High Tech Task Force Steering Committee, an advisory board for law enforcement. Mr. Brotby is a frequent workshop presenter and speaker at conferences globally and lectures on information security governance, metrics, information security management, GRC and CISM exam preparation throughout Oceana, Asia, Europe, the Middle East and North America.


“I passed the CRISC exam! Big thanks to Krag Brotby and Deb M. for the support provided. I would highly recommend Megamind’s training for the CRISC, taught by Krag Brotby. I liked the content of the course. The material really helped me focus on what is important and there is no doubt that Krag is a subject matter expert. I was really getting too comfortable with the DB Q&A’s since I was doing over 90% on every test. On the first day of the training I realized that I still needed some more preparation. The two last weeks are crucial for a successful outcome, trust me.”
–Dennis L., President & CIO


“A HUGE thank you to Krag Brotby and Deb M. for their excellent training! The Megamind  Training for the CRISC was invaluable to my preparation. Krag is very knowledgable and shares a wealth of information in this class. I would highly recommend Megamind for certification training. You can’t beat the value! Thanks again.”
–Chris M., Senior Security Analyst


As the Chief Operating Officer for a small business, I struggled with balancing the time it took to pursue the latest and most relevant certifications in my field, while running company operations and supporting a family. Megamind proved more than a solution to my problems. The Program of Instruction and the patient step-by-step teaching allowed me to prep for and pass both the CISM and CRISC exam on my time and my pace. The Return on Investment, the quality of administrative support and the study guide material far exceeded other more expensive programs. Megamind is clearly the preferred choice for exam prep for anyone (regardless of their technical background) pursuing certification in the major Information Assurance domains: CISM, CRISC, CGET, etc. Megamind’s support continues to be the crown jewel in the Megamind outreach efforts. In short, Megamind can be summed up in six words: “take the prep – pass the exam”
–Darryl D., Chief Operating Officer



Megamind does not provide the CRISC EXAM with this training, and it is NOT included in the Megamind course fees. You must register directly with ISACA ( for the CRISC Exam.


150 Questions: 4 hours
Megamind does not provide the CRISC EXAM with this training, and it is NOT included in the Megamind course fees.

You must register directly with ISACA ( for the CRISC Exam.


  • May 1, 2017 – June 30, 2017
  • August 1, 2017 – September 30, 2017
  • November 1, 2017 – December 31, 2017


Early registration is recommended as this course fills up quickly.
To ensure admission, fees must be paid in advance.




This training is available with Internet access — in the comfort of your own personal working environment! Attend this live, instructor-led online training from your office or home.


This training is 3 full days (7:00am-2:30pm Pacific Time), except where noted.


There are four sessions per day.
Generally there are two morning sessions & two afternoon sessions each day.
Each session is about 90 minutes long with a 15 minute break per session, and a 30 minute lunch break daily.


Pacific Time Zone:       7:00AM – 2:30PM
Mountain Time Zone: 8:00AM – 3:30PM
Central Time Zone:      9:00AM – 4:30PM
Eastern Time Zone:      10:00AM – 5:30PM

International Time Zones Vary According to Country

Refer to the World Time Zone Converter for your time zone:


Cancellations (in writing) will be accepted up to 10 working days before the scheduled course. After that time, no refunds will be given but substitutions may be sent at any time or tuition may be applied to a future training class.

Megamind reserves the right to cancel or postpone
any scheduled training class.

CRISC® is a Registered Trade Mark of  ISACA.
CRISC® is an ISACA certification.