Stay ahead of IT Risk with ISACA IT Risk Fundamentals Certificate.
Learn how to identify, evaluate and respond to IT-related risk. Every enterprise experiences risk. ISACA’s IT Risk Fundamentals Certificate and related training are ideal for professionals who wish to learn about risk and information and technology (I&T)-related risk.
Overview
Learn, train and grow with IT Risk Fundamentals.
The IT Risk Fundamentals Certificate Program by ISACA offers a comprehensive understanding of IT risk management principles, methodologies, and best practices. Participants will develop the skills and knowledge needed to identify, assess, mitigate, and manage IT risks in alignment with ISACA’s standards and frameworks.
The IT Risk Fundamentals Certificate covers the principles of IT risk management, the responsibilities and accountability for IT risk, how to build risk awareness and how to communicate risk.
Discover Top ISACA Certifications for Malaysia’s Digital Trust Future: Advance your AI, cybersecurity, audit, governance, risk, and privacy capabilities with ISACA certifications built for the high impact roles organizations need in 2026.
Skills Covered
The ISACA IT Risk Fundamentals Certificate covers the principles of IT risk management, the responsibilities and accountability for IT risk, how to build risk awareness and how to communicate risk. You’ll learn six critical functions as you study for the certificate:
- Risk Intro and Overview
- Risk Identification
- Risk Response
- Risk Governance and Management
- Risk Assessment and Analysis
- Risk Monitoring, Reporting and Communication
Prerequisites
There are no prerequisites required to attend this course.
Target Audience
The “IT Risk Fundamentals Certificate Program by ISACA” is tailored to meet the needs of a diverse range of professionals and individuals interested in IT risk management. The target audience for this program includes:
- IT Professionals: IT managers, administrators, and technical staff looking to deepen their knowledge of IT risk management and ISACA’s frameworks.
- Risk Management Professionals: Professionals involved in risk assessment, risk analysis, and enterprise risk management seeking to expand their expertise in IT risk.
- Compliance Officers: Individuals responsible for ensuring compliance with IT governance standards and regulations who want to align their work with ISACA’s best practices.
- Auditors: Internal and external auditors interested in enhancing their IT audit and assessment skills following ISACA’s guidelines.
- Security Professionals: Cybersecurity specialists aiming to gain a broader perspective on risk management and strengthen their cybersecurity strategies.
- IT Governance Practitioners: Those responsible for establishing and maintaining IT governance practices within organizations and who wish to integrate ISACA’s COBIT framework effectively.
- IT Leaders and Managers: IT executives and managers interested in establishing a strong foundation in IT risk management and ISACA’s frameworks for improved decision-making.
- Aspiring IT Risk Managers: Individuals seeking to embark on a career in IT risk management who want to begin with a strong understanding of the fundamentals.
This program is versatile and designed to accommodate both seasoned professionals and individuals new to IT risk management. It provides a comprehensive foundation that is valuable for career advancement and professional development across various IT-related roles and responsibilities.
Module 1: Risk Intro and Overview
- Risk Terminology
- Business Risk
- I&T-related Risk
- Controls
Module 2: Risk Governance and Management
- Risk Governance
- Risk Management
- Positioning Risk
- Risk Stakeholders, Roles and Culture
- Risk Communication, Policy, Scope and Workflow
Module 3: Risk Identification
- Asset Types
- Asset Classification
- Asset Valuation
- Information Asset Valuation
- Threats
- Vulnerabilities
- Likelihood
- Risk Awareness
- I&T-related Risk
- Risk Scenarios
Module 4: Risk Assessment and Analysis
- Risk Assessment Process
- Risk Scenario Evaluation
- Risk Analysis Process, Approaches and Methods
- Risk Ranking, Prioritization and Aggregation
- Risk Documentation
- Control Assessment
Module 5: Risk Response
- Risk Response and Strategies
- Control Design and Implementation
- Incident Management, Business Continuity and Disaster Recovery
- Risk States
- Risk Response Selection, Prioritization and Communication
Module 6: Risk Monitoring, Reporting and Communication
- Risk Monitoring Process
- Key Risk Indicators
- Key Performance Indicators
- Risk and Control Monitoring and Testing
- Risk Reporting and Communication
Dates & Locations
July 13, 2026 - July 14, 2026
July 13, 2026 - July 14, 2026
October 5, 2026 - October 6, 2026
October 5, 2026 - October 6, 2026
Exam & Certification
There are no prerequisites. You can register for the IT Risk Fundamentals exam at any time. The online, remotely proctored 2-hour exam blends both knowledge (multiple choice) and performance-based questions set in a virtual lab environment.
- No. of Questions: 75 Multiple-choice
- Exam Length: 2 hours(120 minutes)
- Passing Score: 65%
- Exam Languages: English
Training & Certification Guide
Frequently Asked Questions
Speak to a Training Consultant
All courses are HRD Claimable.
Get in touch with our team via the form or WhatsApp us on +6011-5119 6631
