CRISC certification: Reacting to a radically changing IT landscape

The number of IT professionals seeking the CRISC (Certified in Risk and Information Systems Control) certification continues to rise rapidly. More than 16,000 professionals have earned the CRISC designation since the certification was introduced just over 18 months ago. This reflects a growing need among IT professionals to attain independent affirmation of their skill sets in response to the radically changing IT and business landscape, says global nonprofit IT association ISACA.

Professionals across a wide range of job functions that include IT, security, audit and compliance have earned the CRISC designation since April 2010. This number includes more than 1,200 CIOs, CISOs, and chief compliance, risk and privacy officers.

“CRISC is the result of significant market demand for a credential that recognizes experienced risk and control professionals, a demand that will only accelerate as vocal stakeholders demand better corporate governance and business performance and more secure infrastructures in 2012,” said Allan Boardman, CRISC, CISA, CISM, CGEIT, CA (SA), ACA, CISSP, chair of ISACA’s Credentialing Board and a risk officer at a global financial services firm. “The fact that even C-level professionals are pursuing CRISC certification shows that risk management is a strategic concern.”

Among the trends widely expected to dominate the IT landscape in 2012, ISACA has identified three that are especially critical to managing information risk: big data, the consumerization of information technology (bring your own device—BYOD) and the growing dominance of mobile devices. These trends can open the door to inadequate capacity planning and ineffective vendor management for cloud-based services. They also require IT professionals to be partners with the business on managing risk that affects all areas of the enterprise.

Similar to the growth of joint MIS and MBA degrees, ISACA predicts that the information systems profession will see a growing evolution away from a technology-only focus to a culture of consultants with the skills to partner with the business in using technology as an enabler.

CRISC examinations—a criterion for achieving the certification—are offered 9 June and 8 December 2012 at more than 240 locations around the world. Exam registration is open through 4 April 2012, but professionals can save US $50 if they register by 10 February.

Visit for details on ISACA certifications and deadlines.


Subscribe to the Help Net Security breaking news e-mail alerts:

More about

Don't miss