What designation would be most appropriate for those professionals Processing IT audit control and security skills?

For 50 years and counting, ISACA® has been helping information systems governance, control, risk, security, audit/assurance and business and cybersecurity professionals, and enterprises succeed. Our community of professionals is committed to lifetime learning, career progression and sharing expertise for the benefit of individuals and organizations around the globe.

Today, we also help build the skills of cybersecurity professionals; promote effective governance of information and technology through our enterprise governance framework, COBIT® and help organizations evaluate and improve performance through ISACA’s CMMI®. We serve over 165,000 members and enterprises in over 188 countries and awarded over 200,000 globally recognized certifications. ISACA is, and will continue to be, ready to serve you.

Validate your expertise and experience. Whether you are in or looking to land an entry-level position, an experienced IT practitioner or manager, or at the top of your field, ISACA® offers the credentials to prove you have what it takes to excel in your current and future roles.

Take advantage of our CSX® cybersecurity certificates to prove your cybersecurity know-how and the specific skills you need for many technical roles. Likewise our COBIT® certificates show your understanding and ability to implement the leading global framework for enterprise governance of information and technology (EGIT). More certificates are in development. Beyond certificates, ISACA also offers globally recognized CISA®, CRISC™, CISM®, CGEIT® and CSX-P certifications that affirm holders to be among the most qualified information systems and cybersecurity professionals in the world.

ISACA® is fully tooled and ready to raise your personal or enterprise knowledge and skills base. No matter how broad or deep you want to go or take your team, ISACA has the structured, proven and flexible training options to take you from any level to new heights and destinations in IT audit, risk management, control, information security, cybersecurity, IT governance and beyond.

ISACA delivers expert-designed in-person training on-site through hands-on, Training Week courses across North America, through workshops and sessions at conferences around the globe, and online. Build on your expertise the way you like with expert interaction on-site or virtually, online through FREE webinars and virtual summits, or on demand at your own pace.

Get in the know about all things information systems and cybersecurity. When you want guidance, insight, tools and more, you’ll find them in the resources ISACA® puts at your disposal. ISACA resources are curated, written and reviewed by experts—most often, our members and ISACA certification holders. These leaders in their fields share our commitment to pass on the benefits of their years of real-world experience and enthusiasm for helping fellow professionals realize the positive potential of technology and mitigate its risk.

Available 24/7 through white papers, publications, blog posts, podcasts, webinars, virtual summits, training and educational forums and more, ISACA resources.

Home / Credentialing / CRISC

CRISC

Updated CRISC Exam Available Now!

CRISC validates your experience in building a well-defined, agile risk-management program, based on best practices to identify, analyze, evaluate, assess, prioritize and respond to risks. This enhances benefits realization and delivers optimal value to stakeholders.

Whether you are seeking a new career opportunity or striving to grow within your current organization, a CRISC certification proves your expertise in these work-related domains:

• 32%

  Risk Response and Reporting

• 22%

  Information Technology and Security

Exam Content Outline

Register for the Exam Online Anytime

Select from print, online, self-paced and instructor-led training and study materials designed to suit your learning style.

The final step to becoming CRISC certified is to submit your CRISC Certification Application. Prior to doing so, you must meet the following requirements:

• Pass the CRISC Exam within the last 5 years.
• Have the relevant full-time work experience in the CRISC exam content outline.
• Submit the CRISC Certification Application including the application processing fee.

APPLY FOR CERTIFICATION

The goal of the continuing professional education (CPE) policy is to ensure that all CRISCs maintain an adequate level of current knowledge and proficiency in the field of privacy. This proves to your peers and external and internal stakeholders that your skills and knowledge are always up to date and relevant.

LEARN MORE

While studying for your CRISC exam, explore our lists of terms that will appear on the test. See the terms in English alongside how they will appear in the other languages offered.

Download Now: Chinese Simplified | Korean | Spanish 

The CCSP exam evaluates your expertise across six security domains. Think of the domains as topics you need to master based on your professional experience and education.

CCSP Domains

• Domain 1. Cloud Concepts, Architecture and Design
• Domain 2. Cloud Data Security
• Domain 3. Cloud Platform & Infrastructure Security
• Domain 4. Cloud Application Security
• Domain 5. Cloud Security Operations
• Domain 6. Legal, Risk and Compliance

CCSP Exam Outline

Register for Your CCSP Exam

Don’t wait. If you’re ready to pursue the CCSP certification, commit yourself now by registering for the exam.

Schedule your exam by creating an account with Pearson VUE, the leading provider of global, computer-based testing for certification and licensure exams. You can find details on testing locations, policies, accommodations and more on their website.

Register Now

Get CCSP Training that's Right for You

With self-paced or instructor-led online and classroom courses, (ISC)² has a training option to fit your schedule and learning style. Trainings, seminars, courseware and self-study aids directly from (ISC)² or one of our many Official Training Providers help you get ready for the rigorous CCSP exam by reviewing relevant domains and topics. Visit the (ISC)² Training Finder to register for the course that best meets your needs, including:

(ISC)² Self-Study Tools Keep Your Skills Sharp

Studying on your own or looking for a supplement to your seminar courseware? Check out our official self-study tools:

• Official textbooks: What you need to know to be successful and review relevant domains.
• Official study guides: Strengthen your knowledge in a specific domain and get in more exam practice time.
• Official study app and flash cards: Prepare for the CCSP exam anytime, anywhere.
• Official practice tests: Take full practice tests.

To qualify for this cybersecurity certification, you must pass the exam and have at least five years of cumulative, paid work experience in information technology, of which three years must be in information security, and one year in one or more of the six domains of the (ISC)² CCSP Common Body of Knowledge (CBK).

Learn more about CCSP Experience Requirements and how earning CSA’s CCSK certificate can be substituted for one year of experience, or how earning (ISC)²’s CISSP credential can be substituted for the entire CCSP experience requirement.

Don’t have enough experience yet? You can still pass the CCSP exam and become an Associate of (ISC)² while you earn the required work experience.

Complete the Endorsement Process

Once you receive notification that you have successfully passed the exam, you can start the online endorsement process. This process attests that your assertions regarding professional experience are true and that you are in good standing within the cybersecurity industry.

Agree to the (ISC)² Code of Ethics

All information security professionals who are certified by (ISC)² recognize that such certification is a privilege that must be both earned and maintained. All (ISC)² members are required to commit to fully support (ISC)² Code of Ethics Canons:

• Protect society, the common good, necessary public trust and confidence, and the infrastructure.
• Act honorably, honestly, justly, responsibly, and legally.
• Provide diligent and competent service to principals.
• Advance and protect the profession.

Pay Your First Annual Maintenance Fee

Annual Maintenance Fees (AMFs) are used by (ISC)² to support the costs of maintaining the (ISC)² certifications and related support systems.

(ISC)² certified members pay a single AMF of U.S. $125 which is due each year upon the anniversary of their certification date. Members only pay a single AMF of U.S. $125 regardless of how many certifications they earn. AMFs for members with multiple certifications are due on their earliest certification anniversary.

Associates of (ISC)² pay an AMF of U.S. $50 which is due each year upon the anniversary of achieving their associate status.

Learn more about AMFs here.

Once you are certified and become an (ISC)² member, you’re a part of a global community of certified cybersecurity professionals focused on inspiring a safe and secure cyber world. In addition to that extensive network, a wealth of continuing education opportunities help you keep your skills sharp, informed of the latest trends and best practices, and ensures your expertise remains relevant throughout your career. Learn more about (ISC)² member benefits.