Do you want to test your knowledge before you sit in the exam?

This practice test is based on the real questions appeared on the exam and have a probability to appear on the exam again!

ISACA’s Certified in Risk and Information Systems Control™ (CRISC®) certification indicates expertise in identifying and managing enterprise IT risk and implementing and maintaining information systems controls.

CRISC validates your expertise in the 4 work-related domains listed below that are applicable across industry verticals:

• Domain 1 - IT Risk Identification (27% of exam)

  Identify the universe of IT risk to contribute to the execution of the IT risk management strategy in support of business objectives and in alignment with the enterprise risk management (ERM) strategy.

  
  

• Domain 2 - IT Risk Assessment (28% of exam)

  Analyze and evaluate IT risk to determine the likelihood and impact on business objectives to enable risk-based decision making.

  
  

• Domain 3 - Risk Response and Mitigation (23% of exam)

  Determine risk response options and evaluate their efficiency and effectiveness to manage risk in alignment with business objectives.

  
  

• Domain 4 - Risk and Control Monitoring and Reporting (22% of exam)

  Continuously monitor and report on IT risk and controls to relevant stakeholders to ensure the continued efficiency and effectiveness of the IT risk management strategy and its alignment to business objectives.

  
  

DO NOT confuse the SIX parts of the practice test with FOUR CRISC domains. They don't map one to one. Each of the practice test may have mixed questions from different domains.

By the end of the practice tests, you will have a better understanding of how much you are prepared for the exam.