Prerequisites
The Certified in Risk and Information Systems Control (CRISC) certification is the most current and rigorous assessment available to evaluate the risk management proficiency of IT professionals and other employees within an enterprise or financial institution.
Achieving CRISC certification validates that you have the knowledge and expertise to help companies understand business risk. It also confirms that you have the technical knowledge to implement appropriate information system (IS) controls.
Required Exams
About the CRISC Exam
You will have four hours to answer 150 questions based on the four domains:
- Domain 1: Risk Identification
- Domain 2: Risk Assessment
- Domain 3: Risk Response and Mitigation
- Domain 4: Risk and Control Monitoring and Reporting
Recommended Courses
Recertification
The CRISC continuing professional education (CPE) policy requires that you attain at least 20 CPE hours per year and 120 CPE hours every three years.