CRISC Prep Exam Training – 2 Days

An accelerated prep training for the official ISACA CRISC® Exam


April 29-30, 2017
September 16-17, 2017
December 2-3, 2017

$350: Early Bird – REGISTER by April 1, 2017, September 1, 2017, November 19, 2017
$495: REGISTER after April 1, 2017, September 1, 2017, November 19, 2017

Attend this LIVE TRAINING with internet access from your computer!

Can’t make it to our Live, Online Training?
Attend via our Pre-recorded On-Demand
CRISC Webinar.

2-Day CRISC Prep Exam Class Training
(Pre-Recorded On-Demand Webinar)
Subscribe for up to 3 months for $250:


4-Days of CRISC Combo Training: $450
24 hours of CRISC TRAINING with security expert, KRAG BROTBY!


2-day CRISC Prep Training (LIVE, ONLINE): April 29-30, 2017


Begin preparing for the CRISC Exam immediately with the
CRISC Pre-recorded Webinar, then you’ll attend the
CRISC Combo Training $450 (24 HOURS of CRISC PREP)

Complete the Megamind Online Registration Form
("CRISC Combo Training"):



How to Enroll:
1. Complete the online Registration Form.
2. Pay using PayPal “Buy Now” below.

Enroll and Buy Online Class Dates:

After paying, complete the online Registration Form and we will contact you.

Want to pay using a purchase order? Then fill out our online Registration form and we will contact you.

Want to request onsite training or learn more about IT training? Then drop us a note using our Contact form.



2017 Dates:
April 22-23, 2017
September 16-17, 2017
December 2-3, 2017
7:00am-2:30pm Pacific Time
Registration is OPEN.

REGISTRATION is OPEN: CRISC Prep, Pre-recorded On Demand Webinar
Attend LIVE from your computer:
Live, Instructor-Led Online
Taught by renowned security expert,
Krag Brotby CISM, CGEIT
Can't make it to our LIVE CRISC Training?
Attend via our Pre-Recorded 2-Day CRISC Prep Exam On Demand Training Webinar.
Subscribe: 3, 6 or 12 months ($250, $395, $595).
Attend from your location, whenever you like (on demand).


Taught by Internationally Renowned Security Practitioner:
Krag Brotby, CISM, CGEIT
Principal author & editor of the
official ISACA CISM Review Manual

Why Attend this 2-Day Live, Online Training?

If you’re planning to take the CRISC® Exam, then this training is for you!

This intensive LIVE, ONLINE 2-day training specifically focuses on developing the essential examination skills necessary for your success on the CRISC® EXAM, and helps to avoid the mistakes so many make that often result in failure. You will be provided with a set of invaluable tools and approaches that maximize your chance of mastering this difficult exam.

This LIVE, ONLINE training is 12 hours (6 hours per day) dedicated to concepts, definitions, and exam question analysis. This training is highly interactive, providing an intense learning environment where attendees are immersed in exam prep. Approximately two hundred questions are analyzed, and a set of rules and guidelines is provided that will usually give you the best answer.


For maximum benefit, it is recommended that each student purchase and review study materials prior to attending the workshop:

  • ISACA CRISC® Review Manual – (latest edition)
  • ISACA CRISC® QAE (Questions, Answers & Explanations) Manual (latest edition)
  • ISACA CRISC® Practice Questions DB Download
  • ISACA Glossary Document

The official ISACA study materials can be purchased directly through the ISACA bookstore.

While the critical concepts are explored during the workshop, the focus is on developing the skills and understanding essential to mastering this unique examination; there is insufficient time to study the manual content in depth during the 2-day class. These topics will, however, be covered in the context of sample exam questions.

CRISC® OUTLINE (6 hours per day):

Pre-review Sample Exam

Exam Question review and analysis

  • Question types and structure
  • Question analysis
  • Judgment and synthesis


IT Risk Identification

  • Risk Management Good Practice
  • Methods to Identify Risk
  • Risk Culture and Communications
  • The Business IT Risk Strategy
  • Information Security Risk Concepts and Principles
  • Threats and Vulnerabilities Related to Assets
  • Risk Related to Organizational Assets and Business Processes
  • IT Risk Scenarios
  • Ownership and Accountability
  • Risk Capacity, Appetite and Tolerance
  • Risk Awareness

IT Risk Assessment

  • Risk Identification vs Risk Assessment
  • Analyzing Risk Scenarios
  • Current State of Controls
  • Risk and Control Analysis
  • Risk Analysis Methodologies
  • Documenting Incident Response
  • Business-related Risk
  • Risk Associated with Enterprise Architecture
  • Data Management
  • New Threats and Vulnerabilities
  • Emerging Technologies
  • Industry Trends
  • Third Party Management
  • Project and Program Management
  • Business Continuity and Disaster Recovery Management
  • Exception Management Practices
  • IT Risk Assessment Report
  • Risk Ownership and Accountability
  • Communicating IT Risk Assessment Results



Risk Response and Mitigation

  • Aligning Risk Response with Business Objectives
  • Risk Response Options
  • Analysis Techniques
  • Vulnerabilities Associated with New Controls
  • Developing a Risk Action Plan
  • Business Process Review Tools and Techniques
  • Control Design and Implementation
  • Control Monitoring and Effectiveness
  • Characteristics of Inherent and Residual Risk
  • Control Activities, Objectives, Practices and Metrics
  • System Control Design and Implementation
  • Impact of Emerging Technologies on Design and Implementation of Controls
  • Control Ownership
  • Risk Management Procedures and Documentation
  • Risk Responses and the Risk Action Plan

Risk Control Monitoring and Reporting

  • Key Risk Indicators
  • Key Performance Indicators
  • Data Collection and Extraction Tools and Techniques
  • Changes to the IT Risk Profile

Exam Prep Tips & Techniques


CRISC® Prep Exam Training is recommended for IT and business professionals who identify and manage risks, including:

  • IT professionals
  • Risk professionals
  • Business analysts
  • Project managers
  • Compliance professionals
  • Control professionals

CRISC® (Certified in Risk and Information Systems Control)

The CRISC® certification prepares the IT professional for the challenges of IT and enterprise risk management. Earning a CRISC® helps enterprises to understand business risk, and to have the technical knowledge to implement appropriate IS controls.

The CRISC® focuses on:

  • Risk identification, assessment and evaluation.
  • Risk response.
  • Risk monitoring.
  • IS control design and implementation.

CRISC® Examination and Certification Requirements:

The CRISC® exam consists of 150 multiple-choice questions taken over a 4-hour period.

ISACA uses and reports scores on a common scale from 200 to 800. A candidate must receive a score of 450 or higher to pass the exam. A score of 450 represents a minimum consistent standard of knowledge as established by ISACA’s CRISC® Certification Committee.

A CRISC® candidate receiving a passing score may then apply for CRISC® certification provided the following requirements are met:

  • CRISC® Certification Job Practice – Effective 2015
  • Prove at least three (3) years of cumulative work experience performing tasks of a CRISC® professional across at least two (2) of the four (4) new domains. Of these 2 required domains, one must be in either Domain 1 or 2.
  • Successful completion of the CRISC® examination (offered worldwide: June & December in two languages at 250 locations).
  • Risk management and information systems control experience.
  • Adhere to the ISACA Code of Professional Ethics.
  • Agree to comply with the CRISC® Continuing Education Policy.

CRISC® Salary Ranking:

  • According to a study conducted by Global Knowledge and Windows IT Pro in the fall of 2014 (2015 IT Skills and Salary Survey), the CRISC® is the highest-paying certification on the 15 Top-Paying Certifications for 2015 ($119,227).
  • CRISC® is among the top five highest paying IT certifications in the Foote Partners IT Skills and Certification Pay Index™ (ITSCPI) for the quarter ending July 1, 2014.

Source: Global Knowledge, Windows IT Pro, Foote Partners IT Skills and Certification Pay Index™ (ITSCPI).

For a more detailed description regarding CRISC® qualifications and the ISACA CRISC® exam, visit the website.


Krag Brotby has more than twenty-five years of experience in enterprise computer security architecture, governance, risk and metrics and is certified as a CISM and CGEIT. His experience includes intensive involvement in current and emerging security architectures, and he is a principal in the SABSA Institute. He holds a foundation patent for digital rights management and has published a variety of technical and IT security related articles and books. Mr. Brotby has served as principal author and editor of the ISACA Certified Information Security Manager Review Manual since 2005, and is the researcher and author of the widely circulated Information Security Governance, A Guide for Directors and Executive Management, 2nd ed., and the Information Security Governance: Guidance for Information Security Managers. He is the author of Information Security Management Metrics; Auerbach '09 and Information Security Governance; a practical development and implementation approach; Wiley '09, and the co-author of PRAGMATIC Security Metrics; Auerbach '13.

Mr. Brotby has served on the ISACA Security Practice Development Committee, and was appointed to the Test Enhancement Committee responsible for exam question development and to a committee that developed a systems approach to information security called the Business Model for Information Security (BMIS). Brotby is the recipient of the 2009 ISACA John W. Lainhart IV Common Body of Knowledge Award for noteworthy contributions to the information security body of knowledge for the benefit of the global security community.

Mr. Brotby has taught security courses globally during the past decade including the US Pentagon, US Marine Corps, Navy and Army. He is a member of the California High Tech Task Force Steering Committee, an advisory board for law enforcement. Mr. Brotby is a frequent workshop presenter and speaker at conferences globally and lectures on information security governance, metrics, information security management, GRC and CISM exam preparation throughout Oceania, Asia, Europe, the Middle East and North America.


150 Questions: 4 hours

Megamind does not provide the CRISC EXAM with this training, and it is NOT included in the Megamind course fees.

You must register directly with ISACA for the CRISC Exam.


  • May 1, 2017 – June 30, 2017
  • August 1, 2017 – September 30, 2017
  • November 1, 2017 – December 31, 2017


Early registration is recommended as this course fills up quickly.
To ensure admission, fees must be paid in advance.




Attend this live, instructor-led online training from your own personal working environment — from your home or your office.


Most classes run 2 full days from 7:00AM-2:30PM (PT) except where noted.


There are four sessions per day.
Generally there are two morning sessions & two afternoon sessions each day.

Each session is about 90 minutes long with a 15-minute break per session, and a 30-minute lunch break daily.


Pacific Time Zone: 7:00AM – 2:30PM
Mountain Time Zone: 8:00AM – 3:30PM
Central Time Zone: 9:00AM – 4:30PM
Eastern Time Zone: 10:00AM – 5:30PM
International Time Zones Vary According to Country

Refer to the World Time Zone Converter for your time zone:


Attendees receive a copy of Krag Brotby’s CRISC Glossary Document. 


After the class is held, Megamind provides attendees with:

  • A copy of the instructor’s actual slides used for the class.
  • Access to the online CRISC training class recording.
  • Krag’s 100 Sample CRISC Practice Questions & Answers.
  • Krag’s Guidance on Your Final Prep Steps for the CRISC exam.
  • Megamind Certificate of Completion:
    2-Day CRISC Prep Exam Training.


Cancellations (in writing) will be accepted up to 10 working days before the scheduled course. After that time, no refunds will be given but substitutions may be sent at any time or tuition may be applied to a future training class.

Megamind reserves the right to cancel or postpone
any scheduled training class.

Mr. Brotby currently teaches a variety of computer security courses for MEGAMIND.
All are available onsite.
For more info email:

For Groups or Team Training:

This class is available as a private onsite or a private online class.
For scheduling and pricing, email:

Private Tutoring:

This class is available as a private tutoring session, per hour.
For scheduling and pricing:

CRISC® is a registered trademark of
CRISC® is an ISACA® certification.