ISACA CRISC Boot Camp
Certified in Risk and Information Systems Control
CRISC is the certification for professionals who identify, assess, and manage IT risk in the enterprise. In this live, instructor-led 4-day boot camp, you work through all four CRISC exam domains and walk out ready to test. Taught by a certified ISACA instructor, with an exam voucher, a free retake, and a clear path to pass built in.
Exam voucher and free retake included.
Prefer to study on your own schedule? Get the self-paced CRISC course →
Everything you need to walk in ready
Four full days of interactive instruction from a certified ISACA instructor, mapped to the CRISC exam content outline.
A 12-month subscription to ISACA’s official Question, Answer and Explanation database, with unlimited practice exam attempts.
Your CRISC exam voucher is included, so you are registered and ready to test.
If you don’t pass the first time, retake the exam at no additional cost.
A pre-study learning path, readiness guidance, and exam strategy so you know exactly how to prepare between sessions and test day.
If you already hold ISACA or other professional credentials, the live instruction hours count as CPE toward them.
Four days across all four CRISC exam domains
The boot camp works straight through ISACA’s CRISC exam content outline (updated November 2025): four job-practice domains, each weighted as it is on the exam. You leave having covered every area the 150-question exam tests.
Governance
26%- Organizational governance: strategy, structure, culture, and how the enterprise sets its risk appetite.
- Risk governance: lines of defense, the risk profile, and embedding risk in decision making.
IT Risk Assessment
22%- Risk identification: threats, vulnerabilities, and emerging risk across the technology estate.
- Risk analysis and evaluation: likelihood, impact, and comparing exposure against appetite.
Risk Response and Reporting
32%- Risk response: treatment options and the design and implementation of controls.
- Monitoring and reporting: key risk indicators, dashboards, and communicating risk posture.
Information Technology and Security
20%- Information technology principles: the architecture and operations underneath the risk.
- Information security principles: controls, frameworks, and how security events become enterprise risk.
Domains and weightings follow ISACA’s official CRISC exam content outline. The CRISC exam is 150 questions in 4 hours, scored 200 to 800, with 450 to pass.
What the CRISC certification does for you
Every enterprise runs on IT risk decisions. CRISC is the credential for the people trusted to make them.
More than 40,000 professionals have earned CRISC since 2010. It is the recognized standard for turning IT risk from a spreadsheet into decisions.
CRISC connects control-level detail with enterprise-level risk framing, so you can brief an engineer and the audit committee in the same afternoon.
Pass the exam and apply for certification to earn ISACA’s CRISC credential and digital badge, verifiable and shareable on LinkedIn and your resume.
What you’ll be able to do
- Identify and assess IT risk across the enterprise
- Design and implement controls that actually reduce exposure
- Monitor and report risk posture with indicators that mean something
- Align technology risk with the enterprise risk appetite
- Turn assessments into decisions executives can act on
- Strengthen governance so risk management sticks
Learn IT risk from a career cybersecurity leader
James brings over 35 years of military, federal, and contracting experience to cybersecurity training. A former USAF senior officer and Defense Intelligence Agency leader, he has managed critical cybersecurity programs for the Department of Defense and DHS. As President of Sycamore Cybersecurity Consultants and Dean of CyberEDGE Academy, James has trained over 2,000 cybersecurity professionals worldwide. He is a certified instructor for ISACA CISM, CRISC, CRISC, CGEIT, and AAISM, and holds a BS in Mathematics, three MS degrees, and an MBA.
Prepare, train, pass
CRISC boot camp, answered
What is CRISC?
CRISC is ISACA’s Certified in Risk and Information Systems Control certification, the benchmark credential for professionals who identify, assess, and manage IT risk and design the controls that keep it in check. More than 40,000 professionals have earned it since 2010.
What roles does CRISC prepare me for?
CRISC validates enterprise IT risk expertise: IT risk manager, risk analyst, control owner, and GRC leadership roles, plus security and assurance positions where risk is the core of the job.
What are the requirements for CRISC certification?
ISACA requires at least three years of experience in IT risk management and information systems control aligned to the CRISC job practice. There are no experience waivers. You can sit the exam first and apply once you meet the requirement.
How is the CRISC boot camp structured?
Four full days of live, instructor-led training led by a certified ISACA instructor, working through all four CRISC exam domains. You get a pre-study learning path, a 12-month subscription to ISACA’s official QAE database with unlimited practice exam attempts, and exam-strategy support so you walk in ready.
What does the CRISC exam look like?
The CRISC exam is 150 questions in 4 hours, scored on a 200 to 800 scale, with 450 required to pass. Your exam voucher is included, and after registering you have a scheduling window to sit the exam.
What if I don’t pass the CRISC exam?
You can retake the exam at no additional cost. The whole program is built to get you exam-ready, and the free retake is there as a safety net.
Do I earn CPE for the CRISC boot camp?
If you already hold ISACA or other professional credentials, the live instruction hours count as CPE toward them. It is a productive way to make progress on your annual CPE while preparing for a new certification.
Is there a self-paced CRISC course?
Yes. If you prefer to study on your own schedule, see our self-paced CRISC course. The live boot camp is best if you want structure, an instructor, and a fixed timeline to keep you accountable.
Get CRISC-certified with an instructor in your corner
Four live days, every exam domain, an included voucher, and a free retake if you need it. Pick the cohort that fits your calendar.
$2,499 per seat, regularly $2,999. Exam voucher and free retake included.
Prefer to study on your own schedule? Get the self-paced CRISC course →
Training a team? Explore corporate training or book a time with our team →
Popular courses
Pages
