IT & Cyber Risk Product Implementation Specialist
A course will be available for 365 days upon enrollment
Certifications / Product Implementation Specialist

IT & Cyber Risk Product Implementation Specialist


This certification curriculum includes both the product implementation course and the platform administration course. Successfully completing the course content and certification exam will yield the user an IT & Cyber Risk Product Implementation Specialist certificate.

Level – Advanced

Duration – 22 Hours

Course Completion Requirement – 2 weeks from date of assignment

Pre-requisites: Familiarity with IT & Cyber Risk Concepts


Practice, Assessment & Certification:

Once courses 1 & 2 have been completed, please reach out to your trainer at [email protected] for the following:

  1. Practice Instance: MSU will provide access to a practice instance for a duration of 2 weeks.
  2. Facetime with Instructor: Collate all questions you may have on the course and send to your trainer; the trainer may host a dedicated 1hr session to address any questions.
  3. Assessment & Certification: You are expected complete the assessment in 2 weeks from the assignment of this course

Curriculum content

  • Course Overview: The MetricStream’s IT-Risk Management app helps to assess, measures, and monitors IT operational and security risks in relation to strategic goals and objectives of the organization. The app also helps quantify the risk in terms of its monetary value which helps organization adopt a suitable risk mitigation method. Level – Advanced Course Duration – 5 Hours of Training Content + 5 Hours of Practice + 2 Hours of Q & A with MSU Instructor Course Completion Requirement – 2 weeks from date of assignment Pre-requisites: Familiarity with IT-Risk Management concepts At the end of the training, practice and certification, resources will be able to understand:  Learning Objectives:  The training is focused on the features, process, workflows, and functionalities of the Business Continuity Management application. At the end of the training, practice and certification, resources will be able to understand:      Product Functionality & Use Case - Workflow Usage   ·           Understand how to navigate the IT and Cyber Risk Management app ·           Create IT Risk Management content  ·           Create, approve and manage Risk Assessment plans ·           Execute IT- Risk assessments  ·           Create, approve and manage threats, threat actors and alerts ·           Create, approve and manage Vulnerabilities ·           Log, approve, manage, monitor and close issues     Product Configuration ·           Configuration Workbooks ·           Updating IT-Risk LOVs ·           Updating IT-Risk Data Tables ·          IT-Risk Configuration Parameters          Product/Use Case Setup, User Management & Basic Administration   ·            Upload IT Risk Management content  ·            Subscribe to external alerts & channels ·            Setup remediation rules & templates ·            Setup Quantitative & Qualitative assessment factors ·            Configure connectors ·            Provision/Deactivate Users ·            IT-Risk Role Activities & Objects ·            Map Users to IT-Risk Org-Role Pairs  
    • Lesson Overview & Navigation

      IT and Cyber Risk Management product provides a systematic approach for identifying, assessing, and treating information security risks on business-critical processes, information technology assets and applications.
    • Lesson GRC Libraries

      GRC Foundation is a comprehensive set of interlinked libraries that form the underlying GRC framework for all GRC-related activities across the enterprise. It is an add-on component to the base MetricStream Integrated Risk Platform and is always installed for all products.
    • Lesson Qualitative Assessments

      Qualitative Assessments module helps you to to schedule risk assessments, assess risks and controls, log findings and issues, and reassess risks.
    • Lesson Threats

      The Threats module is used to gain insight into the list of threats. You can capture ad hoc threat, alert details, the details of different threats, and threat actors to identify the strength of the threat and possibility of the threat being carried out.
    • Lesson Vulnerabilities

      The Vulnerabilities module helps you to gain insight into the list of vulnerabilities. You can capture vulnerability details to identify the severity and exposure level of the vulnerability.
    • Lesson Issues

      The Issues module allows companies to establish and follow consistent procedures for issue reporting, task management, and status reporting. It supports the identification and evaluation of issues as well as case investigation and tracking leading to an elaborate remediation or corrective action process.
    • Lesson IT-Risk - Product Setup

      MetricStream components can be tailored to specific requirements of an organization in different ways. This unit covers the most common requirements and functions performed by an 'Apps Administrator. '
    • Lesson IT-Risk Product Configuration

      This unit covers configuration topics enabling you to populate configuration workbooks, updating LOVs and Data Table on forms and defining workflow parameters. 
    • Lesson IT-Risk Product Administration

      This unit will enable you to provision, deactivate and map users to various roles in the IT-Risk app.
    • Lesson IT and Cyber Risk Management App Practice (4 Hours)

      Please reach out to your trainer for credentials to the practice instance before starting this unit.
  • This course enables users to learn the Platform Features, Navigation and key terminologies.  It helps the administrators to understand setup the organization and its attributes like Hierarchy and Location . It equips them in managing roles and provision users efficiently which is most appropriate for their business scenarios. This course enables participants administer the MetricStream platform independently after the training.   Level – Advanced Course Duration – 6 Hrs of Training Content + 4 hrs of Practice Course Completion Requirement – 2 weeks from date of assignment Pre-requisites: Functionality of the Apps and Business entities Course Objectives At the end of this course, you will: Understand MetricStream’s Platform and its key terminologies Understand how to navigate the MetricStream Portal Understand how to setup an Organization, location and its hierarchy,  matching the business usecase. Create and Manage Roles, Activities and Infocenters Administer users and Manage access to the resources
  • This certification requires the following assessments to be completed:   Assessment – I: The test has 60 questions that need to be answered and you will have 120 minutes to complete the assessment once started. You may start this at any time before the closure date, however once started the test cannot be paused. Hence ensure that you have set aside time to complete this assessment before you hit the  START  button. 2.   Assessment – II: This is a scenario-based assessment that ought to be completed before the assessment closure date. Since there is no time limit, you may start the test right away and complete it in any order you see fit. Please ensure that all results are captured and filled before the assessment closure dates.