RSS Alerts

Share

More services

Related Links

  • CRISC
  • ISACA
  • Elsevier Ltd is not responsible for the content of external websites.

Related Stories

  • Companies invest in IT, but do not measure IT value
    Despite 30% of IT security companies increasing their investments in IT this year, fewer than half have a shared understanding of IT value across the enterprise and two-thirds fail to fully measure it, according to ISACA.
  • ISACA leader calls for fundamental changes to IT security
    John Pironti, a senior member of ISACA, the not-for-profit IT security association with 86 000 members worldwide, has called for sweeping changes in the way enterprises across the US deal with information security.
  • Report says ISACA certifications earn top pay premiums
    Independent research just released confirms what many IT security professionals have guessed for some time, namely that security qualifications from ISACA allow employees to command the best premium in the jobs marketplace.
  • 5000th professional earns ISACA's CRISC certification
    ISACA, the not-for-profit IT security association, has reported the 5,000th candidate for the CRISC certification programme, which was introduced just 10 months ago.
  • What makes a CISO employable?
    The position of chief information security officer (CISO), or an equivalent role, is increasingly commonplace within business, government and the non-profit sectors. In 2009, approximately 85% of large organisations globally had a security executive, up from 56% in 2008 and 43% in 2006. Avtar Sehmbi examines the desirable skill-set for the role of CISO and asks industry peers what hiring executives are looking for when recruiting for this position

Top 5 Stories

News

ISACA launches risk management certification

15 January 2010

Security organization ISACA has launched a new risk management qualification for information security professionals. The Certified in Risk and Information Systems Control (CRISC) certification targets professionals in the IT area who use information security controls to manage risk in technology environments.

The certification will identify and measure skills related to risk identification, response, and monitoring, said ISACA. It will also evaluate professionals' ability to design, implement, monitor and maintain information security controls.

CRISC is designed to help employers identify experts in this field, explained ISACA. "We conducted an extensive amount of research globally and found that enterprises are becoming more risk-aware and are looking to identify professionals who possess the skills to help them protect their assets and enhance their businesses," said Urs Fischer, the chair of the CRISC task force within ISACA. "CRISC fills a gap that currently exists in the marketplace."

ISACA, which focuses on audit, risk, and governance disciplines, will administer the first CRISC examination next year, although it will be possible for professionals to be 'grandfathered in' without passing an exam. The organization will announce details of that scheme in April.

This is the fourth certification launched by ISACA. It also offers the Certified Information Systems Auditor (CISA), Certified Information Security Manager (CISM), and the Certified in the Governance of Enterprise IT (CGEIT), which is its most recent certification, launched in 2006.

ISACA is also the publisher of the Risk IT standard for managing risk in IT, and the COBIT standard for IT governance.

This article is featured in:
Compliance and Policy  • Security Training and Education

 

Comment on this article

You must be registered and logged in to leave a comment about this article.

Terms & Conditions |Privacy |Website Design|Reed Exhibitions. All rights reserved. Copyright © 2012