Browse Definitions :
Definition

Certified in Risk and Information Systems Control (CRISC)

Certified in Risk and Information Systems Control (CRISC) is a certification program that recognizes knowledge and training in the field of risk management for IT. CRISC is one of many certifications available from Information Systems Audit and Control Association (ISACA) which is accredited by the American National Standards Institute (ANSI).

CRISC can provide IT security professionals with a visible marker of experience and knowledge in risk management for enterprise and financial sectors. The certification is useful for independent consultants, as well as those working for enterprise directly in IT operations, security and other areas. CRISC provides a respected and recognized credential for experienced IT staff who have studied security and garnered the skills needed to understand and manage IT risk.

CRISC Areas of Risk Management

CRISC breaks down areas of risk management specialization into 4 domains:

  1. Identifying risks.
  2. Assessing risks.
  3. Responding to and mitigating risks.
  4. Controlling, monitoring and reporting about risks.

Within these domains, CRISC measures an individual’s ability to deal with risks in an enterprise business and to use information system controls.

Prerequisites for CRISC include three years’ experience in a risk management role with one year at least in domain 1 or 2. Candidates must agree to uphold the ISACA professional code of ethics and comply with the continued education policy. The certification has one requisite exam with 150 questions.

This was last updated in March 2018

Continue Reading About Certified in Risk and Information Systems Control (CRISC)

Networking
  • Network as a Service (NaaS)

    Network as a service, or NaaS, is a business model for delivering enterprise WAN services virtually on a subscription basis.

  • network configuration management (NCM)

    Network configuration management is the process of organizing and maintaining information about all of the components in a ...

  • presentation layer

    The presentation layer resides at Layer 6 of the Open Systems Interconnection (OSI) communications model and ensures that ...

Security
  • crypto wallet (cryptocurrency wallet)

    A crypto wallet (cryptocurrency wallet) is software or hardware that enables users to store and use cryptocurrency.

  • zero-day (computer)

    A zero-day is a security flaw in software, hardware or firmware that is unknown to the party or parties responsible for patching ...

  • backdoor (computing)

    A backdoor attack is a means to access a computer system or encrypted data that bypasses the system's customary security ...

CIO
HRSoftware
  • team collaboration

    Team collaboration is a communication and project management approach that emphasizes teamwork, innovative thinking and equal ...

  • employee self-service (ESS)

    Employee self-service (ESS) is a widely used human resources technology that enables employees to perform many job-related ...

  • learning experience platform (LXP)

    A learning experience platform (LXP) is an AI-driven peer learning experience platform delivered using software as a service (...

Customer Experience
  • market basket analysis

    Market basket analysis is a data mining technique used by retailers to increase sales by better understanding customer purchasing...

  • marketing stack

    A marketing stack, also called a marketing technology stack, is a collection of technologies used by marketers to perform, ...

  • social media influence

    Social media influence is a marketing term that describes an individual's ability to affect other people's thinking in a social ...

Close