Certified in Risk and Information Systems Control


Experts in identifying and managing enterprise IT risk

CRISC affirms you have the expertise to face the unique challenges of IT and enterprise risk management

Secure business objectives

Contribute to the execution of the IT risk management strategy in support of business objectives and security strategies

Master the essential skills

Identify potential threats and vulnerabilities to the organization’s people, processes and technology to enable IT risk analysis

Become an industry expert

Evaluate IT risk to determine the likelihood and impact on business objectives to enable risk-based decision making

The premier credential in IT risk management

CRISC indicates expertise in identifying and managing enterprise IT risk and implementing and maintaining information systems controls.

CRISC is ideal for mid-career professionals engaged in enterprise risk management and control. CRISC can give you the knowledge, expertise, and credibility in your interactions with internal and external stakeholders, peers and regulators. CRISC prepares IT professionals for real-world threats with relevant tools to assess, govern and mitigate risk. 

What Skills Will You Learn?

Methods to analyze and evaluate IT risk to determine the likelihood and impact on business objectives to enable risk-based decision making

Industry best practices to continuously monitor and report on IT risk and controls to relevant stakeholders

Methods to identify the current state of existing controls and evaluate their effectiveness for IT risk mitigation

Techniques for assisting control owners in developing control procedures and documentation to enable efficient and effective control execution

Techniques to facilitate the identification of metrics and key performance indicators (KPIs) to enable the measurement of control performance

Techniques to collaborate with risk owners on the development of risk action plans to ensure that plans include key elements

Methods to identify the risk appetite and tolerance defined by senior leadership and key stakeholders

How to apply secure configurations to enterprise mobility or configure and implement endpoint security controls

The average salary for CRISC certified professionals in the United States is $117,000 a year

Top Jobs That Require or Benefit from a CRISC Certification

  • IT Risk Analyst
  • Data Privacy Engineer
  • Data Privacy Analyst
  • GRC Analyst
  • Security Engineer
  • Technical Analyst
  • SOC Compliance Analyst
  • Information Systems Security Officer
  • Security Consultant

Learn From the Comfort of Your Home

Self Paced Training

  • Official CRISC Question, Answers & Explanations Database
    • 1-year subscription to 1000+ sample exam questions, including two full-length timed CRISC practice exams!
  • Official Review Manual
    • A comprehensive and easy-to-navigate study manual that reinforces the important concepts covered in the CRISC exam!
  • Exam Voucher