Certified in Risk and Information Systems Control™
Since its introduction in 2010, more than 24,000 professionals have obtained ISACA®’s Certified in Risk and Information Systems Control™ (CRISC™) certification. The designation demonstrates to employers that the holder is able to identify, evaluate and manage information systems and technology risk, and help enterprises achieve their business objectives.
About the Certification
- Awarded by Information Systems Audit and Control Association (ISACA)
- Prepares and enables IT professionals for the unique challenges of IT and enterprise risk management, and positions them to become strategic partners to the enterprise
- Domain 1 — IT Risk Identification (27%)
- Domain 2 — IT Risk Assessment (28%)
- Domain 3 — Risk Response and Mitigation (27%)
- Domain 4 — Risk and Control Monitoring and Reporting (22%)
- 21-hour intensive examination preparation workshop
- Conducted by renowned, experienced industrial expert
- Real case study will be adopted with experience sharing
- Eligible for 21 units of PDU / CPE
All certification exams consist of 150 multiple choice questions that cover the respective job practice areas created from the most recent job practice analysis. Candidates have up to 4 hours (240 minutes) to complete the exam.
Exam Fee for ISACA Member: US $575
Exam Fee for ISACA Non-member: US $760
- Successful completion of the CRISC examination
- A minimum of at least three (3) years of cumulative work experience performing the tasks of a CRISC professional across at least two (2) of the four (4) CRISC domains is required for certification. Of these two (2) required domains, one (1) must be in either Domain 1 or 2. There are no substitutions or experience waivers.
- Maintenance fees and a minimum of 20 contact hours of CPE are required annually. In addition, a minimum of 120 contact hours is required during a fixed 3-year period.
Mr. Anthony Lim, CRISC™, CCSP®, CSSLP®
- Asia Pacific long-time iconic information security, cyber-security and governance professional, practitioner and advocate, with nearly 20 year's experience
- Specialized focus on application security since 2006
- Popular speaker and content-provider for many local, regional and international industry, business, government, academic, defense and think-tank conferences and media (broadcast, internet, print)
- Sat on several government security & governance
committees in Singapore and the region