IT & Cyber Risk Product Implementation Expert
A course will be available for 365 days upon enrollment
Certifications / Product Implementation Expert

IT & Cyber Risk Product Implementation Expert


This certification curriculum includes both the product implementation course and the platform administration course. Successfully completing the course content and certification exam will yield the user an IT & Cyber Risk Product Implementation Expert certificate.

Level – Advanced

Duration – 45 Hours

Course Completion Requirement – 2 weeks from date of assignment

Pre-requisites: Familiarity with IT & Cyber Risk Concepts


Practice, Assessment & Certification:

Once courses 1 & 2 have been completed, please reach out to your trainer at [email protected] for the following:

  1. Practice Instance: MSU will provide access to a practice instance for a duration of 2 weeks.
  2. Facetime with Instructor: Collate all questions you may have on the course and send to your trainer; the trainer may host a dedicated 1hr session to address any questions.
  3. Assessment & Certification: You are expected complete the assessment in 2 weeks from the assignment of this course

Curriculum content

  • Course Overview: The MetricStream’s IT-Risk Management app helps to assess, measures, and monitors IT operational and security risks in relation to strategic goals and objectives of the organization. The app also helps quantify the risk in terms of its monetary value which helps organization adopt a suitable risk mitigation method. Level – Advanced Course Duration – 5 Hours of Training Content + 5 Hours of Practice + 2 Hours of Q & A with MSU Instructor Course Completion Requirement – 2 weeks from date of assignment Pre-requisites: Familiarity with IT-Risk Management concepts At the end of the training, practice and certification, resources will be able to understand:  Learning Objectives:  The training is focused on the features, process, workflows, and functionalities of the Business Continuity Management application. At the end of the training, practice and certification, resources will be able to understand:      Product Functionality & Use Case - Workflow Usage   ·           Understand how to navigate the IT and Cyber Risk Management app ·           Create IT Risk Management content  ·           Create, approve and manage Risk Assessment plans ·           Execute IT- Risk assessments  ·           Create, approve and manage threats, threat actors and alerts ·           Create, approve and manage Vulnerabilities ·           Log, approve, manage, monitor and close issues     Product Configuration ·           Configuration Workbooks ·           Updating IT-Risk LOVs ·           Updating IT-Risk Data Tables ·          IT-Risk Configuration Parameters          Product/Use Case Setup, User Management & Basic Administration   ·            Upload IT Risk Management content  ·            Subscribe to external alerts & channels ·            Setup remediation rules & templates ·            Setup Quantitative & Qualitative assessment factors ·            Configure connectors ·            Provision/Deactivate Users ·            IT-Risk Role Activities & Objects ·            Map Users to IT-Risk Org-Role Pairs  
    • Lesson Overview & Navigation

      IT and Cyber Risk Management product provides a systematic approach for identifying, assessing, and treating information security risks on business-critical processes, information technology assets and applications.
    • Lesson GRC Libraries

      GRC Foundation is a comprehensive set of interlinked libraries that form the underlying GRC framework for all GRC-related activities across the enterprise. It is an add-on component to the base MetricStream Integrated Risk Platform and is always installed for all products.
    • Lesson Qualitative Assessments

      Qualitative Assessments module helps you to to schedule risk assessments, assess risks and controls, log findings and issues, and reassess risks.
    • Lesson Threats

      The Threats module is used to gain insight into the list of threats. You can capture ad hoc threat, alert details, the details of different threats, and threat actors to identify the strength of the threat and possibility of the threat being carried out.
    • Lesson Vulnerabilities

      The Vulnerabilities module helps you to gain insight into the list of vulnerabilities. You can capture vulnerability details to identify the severity and exposure level of the vulnerability.
    • Lesson Issues

      The Issues module allows companies to establish and follow consistent procedures for issue reporting, task management, and status reporting. It supports the identification and evaluation of issues as well as case investigation and tracking leading to an elaborate remediation or corrective action process.
    • Lesson IT-Risk - Product Setup

      MetricStream components can be tailored to specific requirements of an organization in different ways. This unit covers the most common requirements and functions performed by an 'Apps Administrator. '
    • Lesson IT-Risk Product Configuration

      This unit covers configuration topics enabling you to populate configuration workbooks, updating LOVs and Data Table on forms and defining workflow parameters. 
    • Lesson IT-Risk Product Administration

      This unit will enable you to provision, deactivate and map users to various roles in the IT-Risk app.
    • Lesson IT and Cyber Risk Management App Practice (4 Hours)

      Please reach out to your trainer for credentials to the practice instance before starting this unit.
  • This course enables users to learn the Platform Features, Navigation and key terminologies.  It helps the administrators to understand setup the organization and its attributes like Hierarchy and Location . It equips them in managing roles and provision users efficiently which is most appropriate for their business scenarios. This course enables participants administer the MetricStream platform independently after the training.   Level – Advanced Course Duration – 6 Hrs of Training Content + 4 hrs of Practice Course Completion Requirement – 2 weeks from date of assignment Pre-requisites: Functionality of the Apps and Business entities Course Objectives At the end of this course, you will: Understand MetricStream’s Platform and its key terminologies Understand how to navigate the MetricStream Portal Understand how to setup an Organization, location and its hierarchy,  matching the business usecase. Create and Manage Roles, Activities and Infocenters Administer users and Manage access to the resources
  • Course Overview:  The MetricStream Platform provides a framework that enables customers and partners to configure the application based on customer use case. The framework ensures that the configurations or changes made remain intact, while incorporating the updates from a new App patch or feature pack. The framework has been enabled for components like Forms, Configuration Parameters, List of Values (LOV), Workflow Emails, and Email Templates   Level Intermediate Content 12 Hours Practice 6 Hours Q&A with MSU 2 Hours Pre-Requisites Practical Knowledge in SQL, PL/SQL, Data Modelling, Java, JavaScript, Product Setup, Features and Functionality, Certification Awarded* MetricStream Certified Configuration Specialist   Learning Objectives:  At the end of the training, resources will be able to understand: How to setup the applications How to perform basic configurations How to create, modify reports and charts How to configure forms How to Create and Manage Infocenters How to Manage Emails & Email Templates *(Training will cover how to configure all apps, so it is app neutral)   Practice Instance: Once you start the course, please reach out to MSU at [email protected] to get a practice instance allocated.   Facetime with Instructor: Upon completion of course content and sufficient practice, reach out to your MSU instructor for your 4 hr Q&A session to clarify and address any open questions.   Certification (Optional): To be certified, you need to score a minimum of 75% on both the objective and practical assessment. You are allowed a maximum of 2 attempts to pass the certification tests. Please reach out to the instructor once you are ready for assessment. The maximum duration allowed for appearing for assessment is 2 weeks from the course assignment date.
  • This certification requires the following assessments to be completed:   Assessment – I: The test has 60 questions that need to be answered and you will have 120 minutes to complete the assessment once started. You may start this at any time before the closure date, however once started the test cannot be paused. Hence ensure that you have set aside time to complete this assessment before you hit the  START  button. 2.   Assessment – II: This is a scenario-based assessment that ought to be completed before the assessment closure date. Since there is no time limit, you may start the test right away and complete it in any order you see fit. Please ensure that all results are captured and filled before the assessment closure dates.