Login to your account

Username *
Password *
Remember Me

Create an account

Fields marked with an asterisk (*) are required.
Name *
Username *
Password *
Verify password *
Email *
Verify email *

CRISC Job Practice Areas

A job practice serves as the basis for the exam and the requirements to earn the CRISC. This job practice consists of task and knowledge statements, organized by domains. The CRISC job practice areas as of 2015 are listed below

CRISC Certification Job Practice – Effective 2015

A CRISC job practice analysis has been completed, resulting in a new CRISC job practice which reflects the vital and evolving responsibilities of IT risk and IS control practitioners. A job practice serves as the basis for the exam and the requirements to earn the certification. This new job practice consists of task and knowledge statements representing the work performed in IT risk identification, assessment, response, mitigation and monitoring. These statements and domains are the result of extensive research, feedback, and validation from IT risk and control subject matter experts and prominent industry leaders from around the globe.

The below job practice is organized by domains that will be tested for the first time on the June 2015 CRISC exam. The major change to the CRISC job practice is the combining of IT risk and control tasks within the domains which resulted in a decrease from five (5) to four (4) domains. Starting in June 2015, the CRISC exam will contain 150 questions testing the new job practice.

The job practice domains and task and knowledge statements are as follows:

Domain 1—Risk Identification (27%)

Domain 2—Risk Assessment (28%)

Domain 3—Risk Response and Mitigation (23%)

Domain 4—Risk and Control Monitoring and Reporting (22%)

For detailed information on the job practice areas click here

Make the most of your relatioship with ISACA

Become a Member