Certified in Risk and Information Systems Control (CRISC)
Introduced in 2010, the CRISC certification is for IT and business professionals—including risk and compliance professionals, business analysts and project managers—who identify and manage risks through the development, implementation and maintenance of appropriate information systems (IS) controls. More than 17,000 professionals have earned the CRISC designation since inception. CRISC retention is more than 93 percent.
The CRISC is designed for IT and business professionals who identify and manage risks through the development, implementation and maintenance of appropriate IS controls
Across the globe, CGEIT holders command greater recognition in the marketplace and influence at the executive level which means:
WHO SHOULD CHOOSE CRISC?
The CGEIT certification was specifically developed for IT and business professionals who have significant management, advisory, or assurance roles relating to the governance of enterprise IT, including :
|IS/IT Directors||IS/IT Managers||IS/IS Consultants||IT Governance Professionals|
- More than 3,900 serve as audit directors, managers or consultants.
- Nearly 3,500 are employed as security directors, managers or consultants.
- More than 3,200 are employed in managerial, consulting or related positions in IT operations or compliance.
- Nearly 2,100 are IT directors, managers or consultants.
- More than 1,300 are CIOs, CISOs, or chief compliance, risk or privacy officers.
- More than 600 CRISCs are CEOs, CFOs or equivalent executives.
- More than 400 serve as chief audit executives, audit partners or audit heads.
The CRISC exam is offered twice a Year i.e. June and December and consists of 150 objective type questions which are to be completed in a 4 hour duration.
The Benefits of CRISC
- Demonstrate your ability to understand risk and control from a business perspective.
- Provide input to make effective risk-based decisions and prioritize resources to areas that are most at risk.
- Enable information systems control design and implementation, and control monitoring and maintenance.
- Affirms your ability to plan and implement appropriate control measures and frameworks that further mitigate enterprise risk without stifling innovation.
- establish a common language to communicate within IT and to stakeholders throughout the enterprise about risk.
CRISC Impacts Your Career and Your Organization
CRISC is the most current and rigorous assessment available to evaluate the risk management proficiency of IT professionals and other employees within an enterprise or financial institute. Those who earn CRISC help enterprises to understand business risk, and have the technical knowledge to implement appropriate IS controls.
For the Professional, CRISC Certification Provides:
- Denotes a prestigious, lifelong symbol of knowledge and expertise as a risk professional
- Increases your value to your organization as it seeks to manage IT risk
- Gives you a competitive advantage over peers when seeking job growth
- Gives you access to ISACA's global community of knowledge and the most up-to-date thinking on IT risk management
- Helps you achieve a high professional standard through ISACA’s requirements for continuing education and ethical conduct
Why Employers Hire CRISCs
CRISCs bring additional professionalism to any organization by demonstrating a quantifiable standard of knowledge, pursuing continuing education, and adhering to a standard of ethical conduct established by ISACA.
- Build greater understanding about the impact of IT risk and how it relates to the overall organization
- Assure development of more effective plans to mitigate risk
- Establish a common perspective and language about IT risk that can set the standard for the enterprise
How to Become CRISC Certified- 2015 exam and later
To earn the CRISC designation, candidates are required to:
- Successful completion of the CRISC examination
- IT risk management and information systems control experience
- Adherence to the Code of Professional Ethics
- Adherence to the Continuing Professional Education (CPE) Policy
Preparing for the CRISC exam
ISACA Bangalore chapter enables you to prepare for the exam. Regular weekend classes and crash courses are conducted at the Bangalore Chapter. See the Review Classes page for more information and/or Write to firstname.lastname@example.org for more information.
For a list of frequently asked questions, click FAQ's
Taking the CRISC exam
The CRISC exam is offered twice a year i.e. June & December and is usually held on the second sunday of the respective months. The exam comprises 150 questions and is to be taken within a four hour time frame. For more details about the exam, please click here
For a list of frequently asked questions, click FAQ's
The CRISC certification is gaining popularity globally and is raking in recognitions
- The Australian Signals Directorate listed CRISC as a prerequisite for itsInformation Security Registered Assessor Program.
- CRISC is listed among the highest-paying certifications in the Foote Partners IT Skills and Certifications Pay Index™ (ITSCPI) for 1 July 2013 – 1 October 2013. CRISC was also noted for earning above-average pay premiums that have been growing at an above-average rate for the last six months.
- SC Magazine selected CRISC as the 2013"Best Professional Certification Program" in the Professional Awards category. CRISC was a finalist in 2012.
- CRISC was listed as the second-highest-paying certification in the 2012 IT Skills and Salary Surveyby Global Knowledge andTechRepublic.
- The State of West Virginia Office of Information Security and Controls used the five CRISC domains and task statements to develop a checklist for use in risk assessments for HIPAA compliance.
CRISC In the News
- CIO Magazine ~ CRISC is listed in18 Hot IT Certifications for 2014.
- InfoWorld ~ “Good news, job seekers: IT certifications are hot again” – Article lists CRISC on list of IT certifications earning workers above-average pay premiums and states it is expected to grow at a brisk pace.
- Business Insider ~ “15 More Tech Skills That Can Instantly Net You A $100,000+ Salary” includes CRISC on the list of high earners.
- Securitas Operandi ~ In “Insights into CRISC certification quality,” Peter Gregory describes the rigorous process of creating questions for ISACA CRISC exams.
- CIO Magazine ~ CRISC is listed in 23 IT Certifications That Mean Higher Pay.
- Computer World ~ “Career Watch: A Certification for Risk Professionals” states that the CRISC credential is helpful to those in both risk and control.
- SearchSecurity.com~ David Foote (CEO and chief research officer of Foote Partners) recommends the CRISC certification: “Given where we see the market going [integrating more with business], that one probably will be very influential. We don't know of any other certification on the market quite like it.”