< Back

Risk-Management : Information Systems : Certification

ISACA Certifies 1,000th CRISC

New Designation Recognizes Experienced Risk and Control Professionals

Urs Fischer
Chair of the CRISC Certification Committee
ISACA and the IT Governance Institute

Four months into its rigorous grandfathering program for the Certified in Risk and Information Systems Control (CRISC) designation, ISACA has issued the 1,000th certificate.
The grandfathering program enables highly experienced professionals to earn the CRISC credential without taking an exam. ISACA, a nonprofit association of more than 95,000 IT professionals worldwide, requires applicants to prove at least eight years of IT or business experience, with six of those in any of the CRISC (pronounced “see risk”) domain areas and three in the risk-related domains:

  • Risk identification, assessment and evaluation
  • Risk response
  • Risk monitoring
  • IS control design and implementation
  • IS control monitoring and maintenance

“ISACA established CRISC as a result of significant market demand for a credential that recognizes experienced risk and control professionals,” said Urs Fischer, CISA, CRISC, chair of the CRISC Certification Committee. “These individuals are seeking a designation that demonstrates a proven ability to design, implement, monitor and maintain effective risk-based information systems controls—and employers are benefiting from the ability to easily identify these professionals.”
Since 1 April 2010, candidates from more than 83 countries have applied for CRISC certification. The early-bird deadline for the grandfathering program is 31 October 2010, but the program will remain open through March 2011. The first CRISC exam will be administered in June 2011.
“I believe that CRISC will be the global industry standard for risk management, and I highly recommend that risk and control professionals pursue this certification,” said Michael Peters, CRISC, chief information security officer (CISO) of CrossView Inc. “Organizations are increasingly recognizing that effectively managing risks is good for the bottom line and they want to find the most qualified candidates for this critical responsibility.”
ISACA also administers the following three certifications, which are globally recognized by many industries, government entities and professionals:

  • Certified Information Systems Auditor (CISA), earned by 75,000 professionals since 1978
  • Certified Information Security Manager (CISM), earned by 13,000 professionals since 2002
  • Certified in the Governance of Enterprise IT (CGEIT), earned by more than 4,000 professionals since 2007

Additional information about ISACA certifications is available at  

With 95,000 constituents in 160 countries, ISACA® ( <> ) is a leading global provider of knowledge, certifications, community, advocacy and education on information systems (IS) assurance and security, enterprise governance and management of IT, and IT-related risk and compliance. Founded in 1969, the nonprofit, independent ISACA hosts international conferences, publishes the ISACA® Journal, and develops international IS auditing and control standards, which help its constituents ensure trust in, and value from, information systems. It also advances and attests IT skills and knowledge through the globally respected Certified Information Systems Auditor™ (CISA®), Certified Information Security Manager® (CISM®), Certified in the Governance of Enterprise IT® (CGEIT®) and Certified in Risk and Information Systems Control™ (CRISC™) designations.
ISACA continually updates COBIT®, which helps IT professionals and enterprise leaders fulfill their IT governance and management responsibilities, particularly in the areas of assurance, security, risk and control, and deliver value to the business.

About Us Editorial

© 2019 Simplex Knowledge Company. All Rights Reserved.   |   TERMS OF USE  |   PRIVACY POLICY