Introduced in 2010, The Certified in Risk and Information Systems Control certification (CRISC), pronounced “see-risk,” is intended to recognize a wide range of IT and business professionals for their knowledge of enterprise risk and their ability to design, implement, monitor and maintain information system (IS) controls to mitigate such risk.

The CRISC designation not only certifies professionals who have knowledge and experience identifying and evaluating entity-specific risk, but also aids them in helping enterprises accomplish business objectives. CRISC is based on independent market research and input from thousands of subject matter experts from around the world as well as ISACA’s intellectual property including Risk IT and COBIT 4.1.

CRISC is for IT and business professionals who are engaged at an operational level to mitigate risk and who have job experience in the following areas:

• Risk identification, assessment and evaluation
• Risk response
• Risk monitoring
• IS control design and implementation
• IS control monitoring and maintenance
  
  
  

Why CRISC?   

CRISC demonstrates proven experience:  Employers can be assured that CRISC-certified professionals have the proven experience and knowledge to help enterprises accomplish business objectives such as:

• Effective and efficient operations
• Designing, implementing, monitoring and maintaining risk-based, efficient and effective IS controls
• Compliance with regulatory

CRISC enhances your professional recognition:  In business today, risk plays a critical role. Almost every business decision requires IT and business professionals to balance risk and reward. A CRISC designation will differentiate you with employers, clients and peers for your knowledge in designing, implementing and maintaining information systems controls to mitigate risk.