Certification Profile: ISACA Certified in Risk and Information Systems Control (CRISC)
July 12, 2016
There’s no doubt that IT certifications provide extra value to IT professionals and hundreds of certifications are available from a wide range of technological sectors. Out of all of the certification options out there, how can you determine which one(s) are better to invest in?
IT security is quickly becoming a competitive job market, and employers want to hire professionals who have strong security knowledge and are familiar with industry best practices. The ISACA Certified in Risk and Information Systems Control (CRISC) certification has been recognized as a leading certification in the IT industry. CRISC was established in 2010, and just three years later, it was named the Gold Winner at the SC Magazine Awards. However, that’s not the only reason to become CRISC-certified. Learn more about how this certification can help you thrive in your career!
Who Can Benefit from CRISC?
Once you have your CRISC certification, you will understand how to recognize business risks, monitor the risk status, and eliminate, or at the very least, neutralize, the risk. Employers want to hire CRISCs because “CRISCs bring additional professionalism to any organization by demonstrating a quantifiable standard of knowledge, pursuing continuing education, and adhering to a standard of ethical conduct established by ISACA.”
This certification is designed for professionals in risk management and information systems controls, so roles such as Business Analysts, Project Managers, and Risk/Control/Compliance professionals will benefit from earning it. Global Knowledge reports that CRISC-certified professionals make an average salary of $122,954, making it the second highest-paying IT certification in 2016.
How You Can Become Certified
It’s important to note that the requirements for becoming CRISC-certified were updated in 2015 to the following criteria:
- Successful completion of the CRISC examination
- IT risk management and information systems control experience
- Adherence to the Code of Professional Ethics
- Adherence to the Continuing Professional Education (CPE) Policy
Also in 2015, the Job Practice Area analysis was revised, which means you need a minimum of three years’ experience in at least two of the four domains: IT Risk Identification, IT Risk Assessment, Risk Response and Mitigation, and Risk and Control Monitoring and Reporting. To prep for the exam, you can use these ISACA study materials as well as take review courses and join a local study community.
You don’t need to be an ISACA member to take the CRISC exam, but having the membership will reduce the exam fee from $710 to $525, including early registration. If you register after the deadline, the fees increase by $50 whether you’re an ISACA member or not, as the exam is only offered twice a year. An in-depth explanation of what you can expect before, during, and after taking the exam can be found here.
Upon passing the certification exam, the next steps are to follow the Code of Professional Ethics, which states that you will follow appropriate procedures if you detect a business risk. You must also take Continuing Professional Education courses and report those earned credits to CRISC (at least 20 credits annually and a minimum of 120 over a three-year period).
Posted By: Jaclyn Roman