This program is to assist candidates in preparing for the Certified in Risk and Information Systems Control (CRISC) examination. Candidates for ISACA’s highly respected CRISC designation can now take the exam using computer-based testing (CBT). CBT allows for in-person testing on a computer at an approved testing center. These are scheduled through ISACA International at the time of the CRISC exam registration.
Last opportunity to test in 2019 (current) CRISC job practice
|1 February – 24 May 2019 Testing Window|
|20 May 2019||Registration and Scheduling Opens|
|22 May 2019||Final Registration Deadline|
International Examination Registration
Continuous Testing Exam Registration
|Start of testing on 2019 CRISC Job Practice|
|2 April 2019||Registration Opens|
|17 June 2019||Scheduling Opens|
For an application to the exam call or write to:
CRISC Examination Registrar
CRISC applications are located at www.isaca.org/criscapp
ISACA LA Certification Courses
The ISACA LA Chapter provides four Saturday (total 24 hours) sessions for the exam preparation but they are not intended to be basic teaching sessions. The candidates should have a proper educational background in all of the subject areas. The sessions are designed to review the five domains that comprise the CRISC examination and to clarify the more difficult material. The sessions will include lectures and discussions with time for questions raised by the participants.
NOTE: This review course is intended to assist participants in their preparation for the exam. However, there is no guarantee that completion of the course will ensure passage of the examination.
Four Saturdays (24 CPEs)
October 26, 2019 – 8:30 AM – 4:30 PM PT
Calendar of Topics
October 26 – 8:30 AM (Thomas Phelps)
Domain One: (4 Hours)
IT Risk Identification
November 9 – 8:30 AM (John Kronick)
Domain Two: (4 Hours)
IT Risk Assessment
November 16 – 8:30 AM (John Kronick)
Domain Three: (4 Hours)
Risk Response and Mitigation
November 23 – 8:30 AM (Mikhael Felker)
Domain Four: (4 Hours)
Risk and Control Monitoring and Reporting
Review / Questions (2 Hours) Mikhael Felker
Practice Questions: All Domains
Meet Our Instructors
Domain 1 – Thomas Phelps IV, CISA – Thomas Phelps IV is the VP of Corporate Strategy & CIO for Laserfiche, a global provider of intelligent content management and process automation software. Thomas joined Laserfiche in 2014 and leads IT, industry marketing, analyst relations and major strategic initiatives. He was part of the executive team that launched Laserfiche Cloud in 2015. Prior to Laserfiche, Thomas was the national entertainment and media champion for cybersecurity at PwC. He led the initiative to innovate content security practices used worldwide in the motion picture industry. He was the Advisory Services leader for two major accounts, and provided Fortune 500 clients with consulting services on IT audit, IT transformation, security, privacy and business continuity areas.
Thomas is the Chairperson of Long Beach AcceleratorTM, a non-profit whose mission is to accelerate early stage startups with seed funding, mentorship and exit strategy. He serves on the board of directors for [email protected], Southern California, SIM and Advancing Women in Technology. Thomas is a Past-President of ISACA Los Angeles, and on the 50thAnniversary Governance Panel. He is a founding member and Past-President of Ascend Los Angeles, a Pan-Asian leadership development organization. Thomas has co-authored and contributed to five books. In 2019, Thomas became an adjunct professor teaching IT Auditing and Analytics in the USC Masters in Accounting program.
Domain 2 and Domain 3 – John Kronick, CISA, CRISC, CISM – John Kronick, an accomplished security innovator and security architecture thought leader, serves as Regional Director of Risk Management & Compliance at NCC Group, one of the world’s largest and prominent Cyber Security specialist companies, and a trusted technology partner for thousands of businesses and government entities around the globe. John has over 25 years of professional experience in providing strategic and tactical privacy, security, risk management, transformation and forensics assurance services to healthcare, governmental and commercial entities. He served in prior CISO roles at Prime Healthcare, Gartner Group, CitiBank, Purdue Pharma and Estee Lauder.
John has significant expertise in public / private law enforcement liaison activities, “Big 4” public auditing (Deloitte), SOX, PCI, security compliance management and global security operations and transformation.Prior to joining NCC Group, John was a CISO at Prime Healthcare, building innovative security measures to address IOT and telehealth security concerns. He also served as a Senior Manager at Accenture, responsible for delivery of risk and security services to many large commercial healthcare, retail, banking and government clients.
Domain 4 – Mikhael Felker, CISSP, CGEIT, CIPP, CISA, CISM, CRISC, ITIL, PMP. Mikhael is Director of Information Security & Risk Management for Farmers Insurance. In the past decade, he has taken on various information roles including engineering, teaching, writing, research, and management. His sector experience includes insurance, defense, healthcare, nonprofit/education and technology/Internet, seeing first-hand the variance in information security culture and program maturity. Felker received his M.S. in information security policy and management from Carnegie Mellon University and B.S. in computer science from UCLA. He has over 50+ publications and has been a speaker for RSAC, CSA, ISSA, ISACA, ISC2 and OWASP events.
Southern California Edison
2131 Walnut Grove Ave
Rosemead, CA 91770
Use the map below to get directions to Southern California Edison.
Parking and Class Room access:
Parking is free to all participants and instructors. We will reimburse your first Saturday and have parking stickers for subsequent Saturdays.
Conference Rooms: There will be signs for the conference rooms.
Meals: Breakfast, break refreshments and lunch will be provided. Classrooms will be marked for the review course.
Recommended Study Materials
The 2019 CRISC Review Technical Information Manual will not be provided at the review class and must be purchased directly from www.isaca.org Bookstore. Purchase is not mandatory but highly recommended. Class preparation will benefit from reading the domain (chapter) material prior to the class session. Instructors will hand out additional materials if deemed appropriate.
Instructors will NOT provide hardcopy of handouts so bring your mini-pad or laptop. A softcopy of material will be provided before the class and during each session if download is not possible.