CRISC Exam Preparation Course prepares professionals for the CRISC® certification exam through a structured review of IT risk management, control and information security topics. The training consolidates IT Risk Management concepts, models and practices, based on Behaviour®’s own content and aligned with the domains publicly indicated by the certification body.
CRISC® and ISACA® are registered trademarks of ISACA®. This training is developed and delivered by Behaviour® with its own content, as an independent preparation course for the CRISC® exam.
Quick Access: Introduction· Why this course exists· What this course enables· Topics and areas· Value· Objectives· Target audience· Prerequisites· Programme· Exam & Certification· Other information· Benefits· Logistics· FAQs· Registration
Upcoming dates
Confirmed dates.
Synchronous, live training. Interaction with the trainer and the group.
Live Online • discounted edition
Live Online • base price
Language: available in Portuguese or English
Training: review + original exercises by thematic area
Certification exam: 4h (150 questions) • not included
PROFESSIONAL LEVEL — practical application of methods in a professional context
Why this course exists
To develop IT risk management skills with method, a common language and execution capability, while also supporting preparation for the certification exam.
Many organisations have corporate risk processes, but fail when they need to connect IT risk to business objectives, investment decisions and consistent governance mechanisms.
The CRISC® exam is associated with IT risk management and information systems control competencies. The course helps participants consolidate knowledge and practice in the main areas assessed, through a structured preparation approach.
What this course enables you to do
Govern
Develop a risk governance structure aligned with organisational objectives.
Assess
Identify, analyse and assess IT risk to support risk-based decisions.
Respond
Determine risk response options and assess the efficiency and effectiveness of measures.
Monitor & Report
Continuously monitor and report risks and controls to relevant stakeholders.
Topics and competence areas addressed throughout the course
Alignment with ERM (Enterprise Risk Management)
Risk governance (roles, decision-making, accountability)
Risk assessment (likelihood, impact, criteria)
Risk response (options, selection, effectiveness)
Monitoring & reporting (KRI/KPI, control, communication)
Value for the organisation
- Better alignment between IT risk and business objectives, supporting risk-based decision-making.
- Greater consistency in risk management: criteria, control, monitoring and reporting.
- Reduced ambiguity through common language and practices accepted by the industry.
- Greater credibility and maturity before audit, suppliers and stakeholders.
Introduction
The CRISC Exam Preparation Course is advanced professional training in IT risk management, designed for managers and technology professionals who wish to prepare for the CRISC® certification exam.
Develop a structured view of IT risk management, oriented towards functions that establish, implement, monitor and assess IT risk management practices in an organisational context. The course supports preparation for the CRISC® exam and strengthens the ability to increase business resilience, deliver value to stakeholders and optimise risk management.
The CRISC Exam Preparation Course addresses the main areas assessed in the exam, including Governance, IT Risk Assessment, Risk Response and Reporting and Information Technology and Security. Consolidation is carried out through discussion, original exercises by thematic area and Behaviour® simulation, aimed at transforming knowledge into exam performance.
The training includes proprietary support resources, guided discussion, exercises by thematic area and a final exam simulation.
This Training Plan and the associated documents are Behaviour®’s own content, protected by Copyright and registered as a literary work with IGAC.
General Objectives
At the end of this course, participants will be able to:
- Develop a risk governance structure aligned with organisational objectives.
- Identify the IT risk universe to contribute to the execution of the IT risk management strategy in support of business objectives and aligned with the enterprise risk management (ERM) strategy.
- Analyse and assess IT risk to determine likelihood and impact on business objectives and enable risk-based decision-making.
- Determine risk response options and assess their efficiency and effectiveness to manage risks aligned with business objectives.
- Continuously monitor and report IT risks and controls to relevant stakeholders, ensuring the efficiency and effectiveness of the IT risk management strategy and its alignment with business objectives.
- Have a practical understanding of key technology and information security principles and concepts.
- Reach the exam with structured preparation in the areas publicly indicated by the certification body.
Target Audience
- Professionals with responsibilities in IT risk management, governance and compliance.
- Risk Managers, IT Risk Managers, GRC Managers and ERM professionals.
- Auditors and assurance professionals focused on IT risk and control.
- Candidates for the certification exam.
Prerequisites
To attend this course, participants are recommended to:
- Have fundamental knowledge of IT risk management, control, information security and the areas assessed in the exam, as well as understanding of English to follow the associated terminology.
- Other specific requirements may apply, where relevant, depending on the quotation or proposal presented (please consult the proposal).
Programme
Review by competence areas
- Introduction and Course Plan
- Governance
- IT Risk Assessment
- Risk Response and Reporting
- Information Technology and Security
Exam Preparation (simulation)
- Exam preparation: Behaviour® simulation
- Original practical questions, with correction and explanation of reasoning
Exam(s) and Certification
Certification exam
The certification exam is not included in the course price. Registration, scheduling, delivery, eligibility requirements, certification decision and issuance of the certification are managed directly by the certification body, in accordance with its rules in force. The course does not include the exam, voucher, official materials or certification application process.
Certification requirements
Other Information
General Information
- Training available in Portuguese or English.
- Behaviour® proprietary support materials, made available online, with original exercises by thematic area and consolidation resources, according to the awarded conditions.
- Behaviour® exam simulation on the last day of training.
- Behaviour® digital Training Attendance Certificate, with indication of 35 CPD/CPE credits awarded by Behaviour®.
Trainer(s)
Benefits
View benefits
- Normalisation of language, concepts and practices in IT risk management, reducing ambiguity and increasing consistency in risk analysis and communication.
- Strengthened professional and organisational credibility with suppliers, service providers, audits and governance structures.
- Development of practical knowledge to identify, assess, treat and monitor IT risks in real organisational contexts.
- Structured preparation for the certification exam, with review by competence areas and Behaviour® simulation.
- Effective support for organisational and governmental requirements related to IT risk management.
- Pedagogical model oriented towards effective competence acquisition, active participation and meaningful learning, with simultaneous focus on certification and professional applicability.
Logistics
Useful information
- Live Online (synchronous time): 09h30–17h30 (Lisbon time), with lunch break and short breaks.
- Classroom (synchronous time): 09h30–17h30 (Lisbon time), with lunch break and short breaks.
- 28 hours of synchronous training, distributed across 4 consecutive working days.
- Estimated 7 hours of guided autonomous work, intended for content consolidation, carried out flexibly outside the synchronous sessions.
- Requirements: computer with stable internet, browser, PDF reader, audio/video.
Hotels in Lisbon
Find out where you can stay in Lisbon, near Behaviour, for classroom training.
Frequently Asked Questions
Objective answers to common questions about this CRISC Exam Preparation Course.
Does this course help bridge IT risk and enterprise risk?
Is this course useful for professionals already working in ERM, audit or internal control?
Does the preparation include reasoning practice by area, not just theoretical review?
Can this course be relevant for organisations seeking to strengthen IT risk governance and reporting?
After this course, will participants be better prepared to engage with management, audit and technical teams?
For general questions about registration, delivery modes, exams, certification and recertification, please consult the BEHAVIOUR® FAQs.
Registration
Complete the form to request your registration for the preferred edition. Check the upcoming dates.
Training delivered by a certified training provider (processes and quality). See DGERT framework.
Request more information
If you would like help to frame the course within your professional or organisational context, contact us and we will indicate the most suitable path.
Companies: request a proposal
For team registrations, we provide volume conditions and a proposal tailored to the organisational need.
This course may be attended by individual professionals. It may also be integrated into preparation paths for professionals with responsibilities in risk and control of information systems.