Press Release


 Global Knowledge Study Names ISACA’s CRISC and CISM the Highest-paying IT Certifications in 2015 

Rolling Meadows, IL, USA (9 March 2015)—The Global Knowledge 2015 IT Skills and Salary Survey has ranked three ISACA certifications in the top five highest-paying credentials this year. ISACA’s Certified in Risk and Information Systems Control (CRISC) and Certified Information Security Manager (CISM) certifications earned the top two spots, while Certified Information Systems Auditor (CISA) rounded out the top five.

The IT Skills and Salary Survey is a nationwide survey that was conducted in part with Windows IT Pro in the fall of 2014. The survey found that certifications in IT security, networking and systems management are at the top of the certification pay scale.

“We are pleased that ISACA certifications earned three of the top-paying certifications in the Global Knowledge IT Skills and Salary Survey,” said Tori Easterly, product director for networking and security of Global Knowledge. “Professionals with a certification from ISACA demonstrate credibility in the areas of risk and control, information security and assurance.”

Introduced in 2010 for risk and control professionals, CRISC holds the top spot on the list with an average salary of US$119,227. CRISC is designed for professionals who identify and manage risk through the development, implementation and maintenance of appropriate information systems controls. More than 18,000 people have earned CRISC certification since inception.

CISM is ranked as the second-highest-paying certification on the list, with an average salary of US$118,348. Designed for experienced information security managers, CISM has been earned by more than 27,000 professionals since it was created in 2002.

With an average salary of US$106,181, the CISA credential ranks as the fifth-highest-paying certification on the list. Established in 1978 as a standard of achievement for information systems auditors, CISA has been earned by more than 115,000 individuals since inception.

“ISACA credentials are strong career enhancers for professionals in the IT audit, security,  and risk management fields,” said Prof. Frank Yam, international director of ISACA and CEO of Focus Strategic Group Inc. “The study results show that employers recognize the value of these credentials—and that they are willing to pay a premium for those who have them.”

In addition to CISA, CISM and CRISC, ISACA offers the Certified in the Governance of Enterprise IT (CGEIT) certification, which was recently named a “hot” certification for 2015 by Foote Partners LLC. For more information on all of ISACA’s certifications, visit



With more than 115,000 constituents in 180 countries, ISACA ( helps business and IT leaders build trust in, and value from, information and information systems. Established in 1969, ISACA is the trusted source of knowledge, standards, networking, and career development for cybersecurity and information systems audit, risk, privacy and governance professionals. ISACA offers the Cybersecurity Nexus, a comprehensive set of resources for cybersecurity professionals, and COBIT, a business framework that helps enterprises govern and manage their information and technology. ISACA also advances and validates business-critical skills and knowledge through the globally respected Certified Information Systems Auditor (CISA), Certified Information Security Manager (CISM), Certified in the Governance of Enterprise IT (CGEIT) and Certified in Risk and Information Systems Control (CRISC) credentials. The association has more than 200 chapters worldwide.

Follow ISACA on Twitter:

Join ISACA on LinkedIn: ISACA (Official),

Like ISACA on Facebook:



Kristen Kessinger, +1.847.660.5512,

Joanne Duffer, +1.847.660.5564,

Rachel Acevedo, +1.847.660.5617,

ISACA Newsroom: