x

75% of people globally want unbiased news (Pew Research) but are concerned they're not getting that.

Get balanced coverage with Symby. See how stories are covered across diverse outlets and spot when one side covers a story the other skips.

PODCAST

Certified: The CRISC Audio Course

Dr. Jason Edwards

The Bare Metal Cyber CRISC Audio Course is your complete, exam-focused companion for mastering the Certified in Risk and Information Systems Control (CRISC) certification. Built for IT and cybersecurity professionals, this Audio Course transforms ISACA’s CRISC domains into clear, structured, and practical lessons that make complex risk concepts approachable and actionable. Each episode covers essential areas such as risk governance, IT risk assessment, risk response and reporting, and control

education courses

All Episodes

10:29

Episode 34: Inherent Risk vs. Residual Risk

Certified: The CRISC Audio Course ·

2025/07/05

A clear understanding of inherent and residual risk is critical for exam success. This episode explains how to define and compare these two key risk states, and why both are essential for making informed treatment decisions. You’ll explore examples that show how control strength affects residual risk and learn how to apply these concepts in CRISC-style calculations and judgment questions. Ready to start your journey with confidence? Learn more at BareMetalCyber.com.

en

10:30

Episode 33: Conducting Business Impact Analysis (BIA)

Certified: The CRISC Audio Course ·

2025/07/05

Business impact analysis helps prioritize what matters most during risk assessments. In this episode, you’ll learn how to conduct a BIA, identify critical processes, estimate financial and operational impacts, and understand dependencies. This skill is foundational to effective risk prioritization and frequently appears in Domain 2 exam scenarios involving continuity planning and recovery metrics. Ready to start your journey with confidence? Learn more at BareMetalCyber.com.

en

10:12

Episode 32: Risk Analysis Methodologies and Tools

Certified: The CRISC Audio Course ·

2025/07/05

Choosing the right methodology is crucial for valid risk assessments. This episode explores the different approaches to risk analysis—qualitative, quantitative, and hybrid—and introduces common tools like risk matrices and Monte Carlo simulations. You’ll also learn how to evaluate likelihood and impact in a structured way. This content will help you select the right method in CRISC scenario questions with confidence. Ready to start your journey with confidence? Learn more at

en

10:27

Episode 31: The IT Risk Register: Creation and...

Certified: The CRISC Audio Course ·

2025/07/05

The risk register is the heart of risk tracking and reporting, and CRISC candidates must understand how to build and maintain one effectively. This episode explains how to document risk scenarios, assign attributes like ownership and risk level, and keep the register aligned with enterprise goals. You’ll learn how the risk register supports communication, accountability, and decision-making—key themes tested throughout Domain 2. Ready to start your journey with confidence? Learn more at

en

10:36

Episode 30: Risk Assessment Concepts, Standards, and...

Certified: The CRISC Audio Course ·

2025/07/05

ISACA expects CRISC candidates to understand key risk assessment standards and apply them in context. In this episode, we explore qualitative vs. quantitative methods, the role of standards like ISO 31010, and how assessment frameworks guide stakeholder communication. You’ll gain the tools to approach assessment methodology questions with clarity and select the best-fit approach for different risk environments. Ready to start your journey with confidence? Learn more at BareMetalCyber.com.

en

10:51

Episode 29: Risk Scenario Development

Certified: The CRISC Audio Course ·

2025/07/05

Risk scenarios bring all elements of risk together—threats, assets, vulnerabilities, and business impact. This episode walks you through the process of constructing risk scenarios that are measurable, realistic, and actionable. You’ll learn scenario structure, scope considerations, and alignment with risk registers. Expect to apply this knowledge in multiple-choice and situational exam questions. Ready to start your journey with confidence? Learn more at BareMetalCyber.com.

en

10:33

Episode 28: Vulnerability and Control Deficiency...

Certified: The CRISC Audio Course ·

2025/07/05

Risk is driven not just by threats, but also by internal weaknesses. In this episode, we cover how to analyze vulnerabilities and control deficiencies using techniques like root cause analysis. You’ll learn how to differentiate between gaps in design and execution and understand their implications for organizational exposure. These concepts directly inform risk calculation and CRISC decision logic. Ready to start your journey with confidence? Learn more at BareMetalCyber.com.

en

10:41

Episode 27: Threat Modelling and the Threat Landscape

Certified: The CRISC Audio Course ·

2025/07/05

Effective risk assessment starts with a clear picture of your threat environment. This episode teaches you how to conduct threat modeling, understand adversary types, and anticipate threat behaviors. You’ll also explore real-world threat landscape trends and how to prioritize threat intelligence. This knowledge is frequently tested in scenarios that ask you to evaluate evolving threat conditions. Ready to start your journey with confidence? Learn more at BareMetalCyber.com.

en

11:08

Episode 26: Analyzing Loss Results and Business...

Certified: The CRISC Audio Course ·

2025/07/05

Once a risk event is identified, you must understand its potential consequences. In this episode, we explore how to estimate loss results—including operational, financial, reputational, and compliance impacts. You’ll learn how to break down tangible and intangible losses and how ISACA expects you to assess business consequences as part of risk analysis. This skill is key to scoring well on Domain 2 questions. Ready to start your journey with confidence? Learn more at BareMetalCyber.com.

en

10:29

Episode 25: Risk Events: Identification and...

Certified: The CRISC Audio Course ·

2025/07/05

To assess risk, you must first identify what risk events could occur. This episode focuses on how to recognize risk events, contributing conditions, and triggering factors within business and IT environments. You’ll learn how to spot common risk drivers and develop the foundational understanding needed to construct meaningful risk scenarios—just like you’ll see on the CRISC exam. Ready to start your journey with confidence? Learn more at BareMetalCyber.com.

en

10:51

Episode 24: CRISC Domain 2 Overview: Understanding IT...

Certified: The CRISC Audio Course ·

2025/07/05

Domain 2 focuses on one of the most critical skills in CRISC: assessing IT risk accurately and effectively. This episode introduces the domain’s structure and explores the relationship between threats, vulnerabilities, scenarios, and impact. You’ll understand how Domain 2 ties directly into risk identification, evaluation, and the overall risk lifecycle. It’s your launchpad into hands-on risk analysis topics. Ready to start your journey with confidence? Learn more at BareMetalCyber.com.

en

10:44

Episode 23: Domain 1 Review: Key Takeaways and Exam Tips

Certified: The CRISC Audio Course ·

2025/07/05

This episode recaps the core lessons from Domain 1—Governance—and helps you consolidate key terms, relationships, and frameworks for the exam. From strategy alignment to ethics, this is your opportunity to reinforce knowledge before moving forward. We’ll highlight the concepts ISACA emphasizes most and offer practical advice on how to approach Domain 1 questions with clarity and confidence. Ready to start your journey with confidence? Learn more at BareMetalCyber.com.

en

10:46

Episode 22: Professional Ethics of Risk Management

Certified: The CRISC Audio Course ·

2025/07/05

Ethical decision-making is a foundational principle for CRISC-certified professionals. This episode reviews ISACA’s Code of Professional Ethics and how ethical standards apply to governance, risk reporting, and stakeholder communication. You'll discover how integrity, transparency, and fairness must guide your judgment—especially when dealing with sensitive or high-stakes risk decisions. These values are critical to your role and to exam scenarios. Ready to start your journey with

en

11:21

Episode 21: Legal, Regulatory, and Contractual...

Certified: The CRISC Audio Course ·

2025/07/05

CRISC professionals must understand how external obligations impact IT risk decisions. In this episode, we explore legal mandates, industry regulations, and contractual terms that shape organizational risk posture. You’ll learn how to identify compliance risks, apply control frameworks to meet legal standards, and prepare for questions that test your ability to integrate regulatory expectations into risk assessments and treatment strategies. Ready to start your journey with confidence

en

11:35

Episode 20: Risk Appetite and Risk Tolerance:...

Certified: The CRISC Audio Course ·

2025/07/05

Understanding risk appetite and tolerance is vital for ensuring alignment between risk responses and business strategy. This episode clarifies these concepts, highlights the differences, and explores how they guide stakeholder decision-making. These topics often appear in scenario questions, where the correct answer depends on how well you grasp organizational risk thresholds. Ready to start your journey with confidence? Learn more at BareMetalCyber.com.

en

11:21

Episode 19: Risk Profile: Development and Maintenance

Certified: The CRISC Audio Course ·

2025/07/05

Every organization must maintain a clear picture of its risk exposure—and that picture is the risk profile. In this episode, we explain how risk profiles are developed, what they contain, and how they support decision-making at every level. You’ll also learn how CRISC expects you to evaluate and update a risk profile in response to changing conditions. Ready to start your journey with confidence? Learn more at BareMetalCyber.com.

en

11:04

Episode 18: Three Lines of Defense Model

Certified: The CRISC Audio Course ·

2025/07/05

One of the most tested models in CRISC, the Three Lines of Defense framework is essential to understand clearly. This episode walks through each line—operational management, risk and compliance functions, and internal audit—and explains their distinct roles. You’ll gain the clarity needed to answer exam questions that assess responsibility separation and governance assurance. Ready to start your journey with confidence? Learn more at BareMetalCyber.com.

en

11:30

Episode 17: Enterprise Risk Management and Risk...

Certified: The CRISC Audio Course ·

2025/07/05

To pass CRISC, you must be fluent in Enterprise Risk Management (ERM) concepts and how formal risk frameworks guide decision-making. This episode covers key frameworks like COSO and ISO 31000 and explains how they are applied in IT contexts. You'll also learn how these frameworks align risk processes with organizational goals—a core theme across Domain 1. Ready to start your journey with confidence? Learn more at BareMetalCyber.com.

en

11:44

Episode 16: Organizational Assets

Certified: The CRISC Audio Course ·

2025/07/05

Assets are the objects of risk, and this episode gives you the tools to identify, classify, and prioritize them. From information and infrastructure to personnel and facilities, we discuss the types of assets risk professionals must protect. You’ll also explore how asset valuation and asset ownership relate to risk scenarios—a key connection frequently tested on the CRISC exam. Ready to start your journey with confidence? Learn more at BareMetalCyber.com.

en

11:58

Episode 15: Business Processes

Certified: The CRISC Audio Course ·

2025/07/05

Risk doesn’t exist in a vacuum—it exists within processes. In this episode, you'll learn how to identify and evaluate business processes in relation to risk scenarios. We discuss process mapping, ownership, dependencies, and the role of controls. This content directly supports Domain 1 exam questions that ask how to assess business processes for risk exposure and governance relevance. Ready to start your journey with confidence? Learn more at BareMetalCyber.com.

en

94 results

Similar Podcasts

Science Talk

Albert Einstein College of Medicine

五分钟心理学

柠檬心理

Daily Facts

Amalia Dupray and Montgomery Jones.

Les dents et dodo

BFMTV

Veterinary Clinical Podcasts

The Royal Veterinary College