Rolling Meadows, IL, USA (1 April 2010)— Professionals with eight or more years of IT and business experience can now apply for ISACA’s new Certified in Risk and Information Systems Control (CRISC) designation—without taking an exam—under a grandfathering program. The program, which opened today, is designed to recognize professionals who are highly experienced in the following domains:
- Risk identification, assessment and evaluation
- Risk response
- Risk monitoring
The grandfathering program will run from April 2010 through March 2011. The first CRISC exam will be administered in 2011.
“Enterprises around the world are rapidly realizing the importance of monitoring, controlling and benefiting from risk-related activities. The CRISC designation helps provide assurance to employers that professionals who earn it are experienced in identifying and evaluating the risks unique to their specific organization,” said Urs Fischer, chair of ISACA’s CRISC Task Force. “Earning CRISC also helps risk and control professionals demonstrate that they have the proven ability to design, implement, monitor and maintain effective risk-based information systems controls.”
ISACA, a global association of 86,000 IT governance, security, risk and assurance professionals, also administers three other certifications:
- Certified Information Systems Auditor (CISA), earned by 75,000 professionals since it was established in 1978
- Certified Information Security Manager (CISM), earned by 13,000 professionals since its inception in 2002
- Certified in the Governance of Enterprise IT (CGEIT), earned by more than 4,000 professionals since 2007
CRISC complements ISACA’s existing certifications:
- CISA is designed for IT professionals who perform independent reviews of control design and operational effectiveness; CRISC is for IT and business professionals who identify and manage risk, and design, implement and maintain IS controls.
- CISM is for individuals who manage, design, oversee and/or assess an enterprise’s information security, including the identification and management of information security risks; CRISC is for IT professionals whose roles also encompass operational and compliance considerations.
- CGEIT is for IT and business professionals who have a significant management, advisory or assurance role relating to the governance of IT, including risk management; CRISC is for IT and business professionals who identify, evaluate and monitor risk and are engaged at an operational level to mitigate risk.
Additional information about ISACA certifications is available at www.isaca.org/certification .
About ISACA
With more than 86,000 constituents in more than 160 countries, ISACA ® (www.isaca.org) is a leading global provider of knowledge, certifications, community, advocacy and education on information systems (IS) assurance and security, enterprise governance of IT, and IT-related risk and compliance. Founded in 1969, ISACA sponsors international conferences, publishes the ISACA ® Journal , and develops international IS auditing and control standards. It also administers the globally respected Certified Information Systems Auditor™ (CISA ® ), Certified Information Security Manager ® (CISM ® ), Certified in the Governance of Enterprise IT ® (CGEIT ® ) and Certified in Risk and Information Systems Control™ (CRISC™) designations.
ISACA offers the Business Model for Information Security (BMIS) and the IT Assurance Framework (ITAF). It also developed and maintains the C OBI T ® , Val IT™ and Risk IT frameworks, which help IT professionals and enterprise leaders fulfill their IT governance responsibilities and deliver value to the business.
Contact:
Kristen Kessinger, +1.847.660.5512, news@isaca.org
Joanne Duffer, +1.847.660.5564, news@isaca.org