News and Events

In respond to the market demand, ISACA introduced a new risk-related certification - The Certified in Risk and Information Systems Control (CRISC) (pronounced “see risk”) in 2010.

The certification was designed for IT and business professionals who identify and manage risks through the development, implementation and maintenance of appropriate information systems (IS) controls.  These professionals help enterprises accomplish business objectives such as effective and efficient operations, reliable financial reporting, and compliance with regulatory requirements.

The CRISC designation focuses on:

- Risk identification, assessment and evaluation

- Risk response

- Risk monitoring

- IS control design and implementation

- IS control monitoring and maintenance

A grandfathering program that enables professionals with at least eight years of relevant experience to apply for the CRISC certification without taking the exam will be available in April 2010.  The first CRISC exam will be administered in the second half of 2011.

Additional information is available at