All Episodes
Displaying 41 - 60 of 93 in total
Episode 41: Managing and Monitoring Third-Party Risks
Identifying third-party risks is only the first step—effective risk professionals must also manage and monitor them throughout the vendor lifecycle. In this episode, y...
Episode 42: Issue, Finding, and Exception Management
Every organization faces control gaps and compliance issues—what matters is how they’re addressed. This episode explains the difference between issues, findings, and e...
Episode 43: Managing Emerging Risks
CRISC candidates must be able to anticipate and respond to new threats as technologies and environments evolve. In this episode, we explore how to define and identify ...
Episode 44: Control Types, Standards, and Frameworks
Understanding the full landscape of control types is critical for treatment planning. This episode introduces preventive, detective, corrective, and compensating contr...
Episode 45: Control Design, Selection, and Analysis
A poorly chosen or badly designed control can create more risk than it mitigates. This episode focuses on selecting controls that align with business objectives and de...
Episode 46: Control Implementation Best Practices
A well-designed control must be implemented carefully to succeed. This episode outlines how to roll out controls across people, processes, and technology with minimal ...
Episode 47: Control Testing and Effectiveness Evaluation
Testing is how we know a control works. In this episode, you’ll learn the methodologies used to validate control effectiveness—from walkthroughs and testing procedures...
Episode 48: Developing and Executing Risk Treatment Plans
Once risk response decisions are made, treatment plans bring them to life. This episode shows you how to create actionable plans that assign ownership, define timeline...
Episode 49: Data Collection, Aggregation, Analysis, and Validation
Effective risk reporting begins with the right data. In this episode, we explain how to collect, organize, and validate risk and control data from across the enterpris...
Episode 50: Techniques for Risk Monitoring and Validation
Monitoring keeps risk management alive and responsive. This episode walks you through key techniques for tracking risk levels, validating changes in threat exposure, a...
Episode 51: Techniques for Control Monitoring and Continuous Improvement
Effective risk professionals don’t just implement controls—they monitor and refine them continuously. This episode explores how organizations use control monitoring te...
Episode 52: Risk and Control Reporting Techniques: Heatmaps, Scorecards, and Dashboards
Visual reporting tools turn data into decisions. This episode explains how heatmaps, scorecards, and dashboards are used to present risk and control information to sta...
Episode 53: Understanding Key Performance Indicators (KPIs)
Key Performance Indicators help organizations measure the success of their processes, including risk and control functions. This episode dives into KPI design, interpr...
Episode 54: Defining and Utilizing Key Risk Indicators (KRIs) and Key Control Indicators (KCIs)
KRIs and KCIs are essential tools for proactive risk and control management. In this episode, we examine how to define, track, and apply these indicators to detect ris...
Episode 55: Domain 3 Review: Key Takeaways and Exam Tips
Domain 3 brings together risk response, control management, and stakeholder reporting—and this review episode reinforces the most tested concepts across all those topi...
Episode 56: CRISC Domain 4 Overview: Information Technology and Security Alignment
Domain 4 focuses on the integration of IT and security into enterprise risk management. This episode introduces you to the key topics within this domain, from enterpri...
Episode 57: Enterprise Architecture Principles
A strong enterprise architecture provides structure and clarity for risk-informed IT decisions. This episode explores the foundational components of enterprise archite...
Episode 58: IT Operations: Change and Asset Management
Change and asset management processes are central to minimizing IT risk. In this episode, we examine how structured change control reduces service disruption, and how ...
Episode 59: IT Operations: Problem and Incident Management
Problem and incident management are essential components of operational resilience. This episode explains how organizations detect, document, and resolve IT issues whi...
Episode 60: Project Management in the IT Environment
Every IT project introduces risk—and every CRISC candidate must be prepared to assess it. This episode covers how project management methodologies like Agile and Water...