Press Release


 CRISC Certification on the Rise as IT Professionals React to Radically Changing Landscape 

Early-Bird Exam Deadline Is 10 February 2012 

Rolling Meadows, IL, USA (31 January 2012)The number of IT professionals seeking the CRISC (Certified in Risk and Information Systems Control) certification continues to rise rapidly. More than 16,000 professionals have earned the CRISC designation since the certification was introduced just over 18 months ago. This reflects a growing need among IT professionals to attain independent affirmation of their skill sets in response to the radically changing IT and business landscape, says global nonprofit IT association ISACA.

“CRISC is a highly desired certification because it is the only certification that positions IT professionals for future career growth by linking IT risk management to enterprise risk management,” said Allan Boardman, CRISC, CISA, CISM, CGEIT, CA (SA), ACA, CISSP, chair of ISACA’s Credentialing Board and a risk officer at a global financial services firm.

 Professionals across a wide range of job functions that include IT, security, audit and compliance have earned the CRISC designation since April 2010. This number includes more than 1,200 CIOs, CISOs, and chief compliance, risk and privacy officers. 

“CRISC is the result of significant market demand for a credential that recognizes experienced risk and control professionals, a demand that will only accelerate as vocal stakeholders demand better corporate governance and business performance and more secure infrastructures in 2012,” said Boardman. “The fact that even C-level professionals are pursuing CRISC certification shows that risk management is a strategic concern.”

Help Wanted: Taming IT Risk

Among the trends widely expected to dominate the IT landscape in 2012, ISACA has identified three that are especially critical to managing information risk: big data, the consumerization of information technology (bring your own device—BYOD) and the growing dominance of mobile devices. These trends can open the door to inadequate capacity planning and ineffective vendor management for cloud-based services. They also require IT professionals to be partners with the business on managing risk that affects all areas of the enterprise.  

Similar to the growth of joint MIS and MBA degrees, ISACA predicts that the information systems profession will see a growing evolution away from a technology-only focus to a culture of consultants with the skills to partner with the business in using technology as an enabler.

“I would strongly encourage anyone with sufficient real-world IT risk and controls experience to consider the CRISC certification. CRISC makes risk professionals more valuable to organizations that recognize IT risk as a critical component of overall risk management. Becoming certified provides an additional level of assurance that you have the necessary skills and experience, and provides a sense of belonging to a select group of professionals with common interests,” said Shawna Flanders, CRISC, CISA, CISM, ACS, CSSGB, SSBB, productivity specialist at PSCU Financial Services.


About ISACA Certifications

ISACA certifications are globally recognized as credible third-party validation that the certification holder has demonstrated both mastery of the subject material and relevant professional and educational experience. Independent studies show that holding an ISACA certification enhances professional credibility and recognition, increases the ability to earn top salary premiums and plays a role in the hiring process. In addition to CRISC, ISACA offers the Certified Information Systems Auditor (CISA), Certified Information Security Manager (CISM), and Certified in the Governance of Enterprise IT (CGEIT) certifications. 

CRISC examinations—a criterion for achieving the certification—are offered 9 June and 8 December 2012 at more than 240 locations around the world. Exam registration is open through 4 April 2012, but professionals can save US $50 if they register by 10 February.  

Visit for details on ISACA certifications and deadlines.



With 95,000 constituents in 160 countries, ISACA is a leading global provider of knowledge, certifications, community, advocacy, and education on information systems (IS) assurance and security, enterprise governance and management of IT, and IT-related risk and compliance. Founded in 1969, the nonprofit, independent ISACA hosts international conferences, publishes the ISACA Journal, and develops international IS auditing and control standards, which help its constituents ensure trust in, and value from, information systems. It also advances and attests IT skills and knowledge through the globally respected CISA, CISM, CGEIT and CRISC certifications. ISACA continually updates COBIT, which helps IT professionals and enterprise leaders fulfill their IT governance and management responsibilities, particularly in the areas of assurance, security, risk and control, and deliver value to the business. 

Collaborate with ISACA members:

Follow ISACA on Twitter:

Join ISACA on LinkedIn: ISACA (Official)

Like ISACA on Facebook:



Kristen Kessinger,, +1.847.660.5512