CRISC is the only certification that prepares and enables IT professionals for the unique challenges of IT and enterprise risk management, and positions them to become strategic partners to the enterprise.
CRISC is the most current and rigorous assessment available to evaluate the risk management proficiency of IT professionals and other employees within an enterprise or financial institute.
Those who earn CRISC help enterprises to understand business risk, and have the technical knowledge to implement appropriate IS controls.
The American National Standards Institute (ANSI) has accredited the CRISC certification program under ISO/IEC 17024:2012, General Requirements for Bodies Operating Certification Systems of Persons. ANSI, a private, nonprofit organization, accredits other organizations to serve as third-party product, system and personnel certifiers. ISACA is proud to be recognized with this international standard of performance.
In accordance with the ISO standard, ISACA understands the importance of impartiality and commits to act impartially in carrying out its certification activities, managing conflicts of interest and ensuring the objectivity of its certification activities.
It is important for a CRISC candidate to be able to distinguish functional terms and apply concepts associated with “risk,” “threats” and “vulnerabilities. These terms should not be used interchangeably.
The Certified in Risk and Information Systems Control (CRISC) certification is the most current and rigorous assessment available to evaluate the risk management proficiency of IT professionals and other employees within an enterprise or financial institution.
Achieving CRISC certification validates that you have the knowledge and expertise to help companies understand business risk. It also confirms that you have the technical knowledge to implement appropriate information system (IS) controls.
CRISCs bring additional professionalism to any organization by demonstrating a quantifiable standard of knowledge, pursuing continuing education, and adhering to a standard of ethical conduct established by ISACA.
ISACA draws on a global network of leading professionals to develop its certification programs. With access to experts around the world, ISACA is defining how IT risk is managed in current and future business environments.