For 20 years InfoSec has been one of the most awarded and trusted information security training vendors — 40+ industry awards!
We offer peace of mind with our Exam Pass Guarantee for Flex Pro students.
InfoSec Institute training courses have received 10,000+ 5-star reviews from our students!
The Certified in Risk and Information Systems Control™ certification (CRISC™, pronounced “see-risk”) is designed for IT professionals who have hands-on experience with risk identification, assessment and evaluation; risk response; risk monitoring; IS control design and implementation; and IS control monitoring and maintenance.
The CRISC certification indicates that professionals have knowledge and experience identifying and evaluating entity-specific risk, as well as the ability to help enterprises accomplish business objectives by designing, implementing, monitoring and maintaining risk-based, efficient and effective IS controls.
Exam Pass Guarantee — If you don’t pass your exam on the first attempt, get a second attempt for free; includes the ability to re-sit the course for free for up to one year
100% Satisfaction Guarantee — If you’re not 100% satisfied with your training at the end of the first day, you may enroll in a different Flex Pro or Flex Classroom course
Knowledge Transfer Guarantee — If an employee leaves within three months of obtaining certification, InfoSec Institute will train a different employee at the same organization tuition-free for up to one year
InfoSec Institute’s CRISC course extensively prepares students for the CRISC exam, which consists of 150 multiple-choice questions that cover the four IT risk and control areas. These areas have been created from a CRISC job practice analysis and reflect the work performed in IT risk identification, assessment, response, mitigation and monitoring.
The 4 domains as required by ISACA include:
Industry-Leading Exam Pass Rates — 93% of our students pass their certification exams on their first attempt
Training to Fit Your Schedule — In addition to Flex Pro, the highest-quality live online training in the industry, InfoSec Institute offers Flex Classroom training around the country and learn-at-your-own pace Flex Basic courses
Experienced Instructors — InfoSec Institute instructors have at least 10 years of industry training experience and are professionals with active roles in the industry
Most Thorough Exam Prep Services Available — Students get free exam readiness testing through SkillSet.com as well as advanced access to all course materials
CRISC is for IT professionals, risk professionals, business analysts, project managers and compliance professionals who work towards evaluation and mitigation of risk, and who have job experience in the following areas:
- Three full days of intense instruction with no outside distractions
- CRISC digital course textbook
- Detailed reporting on exam readiness via your Flex Center (Flex Pro)
- CRISC exam voucher
- 100% Satisfaction Guarantee
- Exam Pass Guarantee (Flex Pro)
- Add-on: Video replays of daily lessons
Great instructor and was very knowledgeable in the field but the real bonus was his ability to convey the material in a manner that was easy to comprehend and retain.
We will never share any of your information, spam you or annoy you with pushy sales pitches.
Professionals in the IT risk and control field often seek certification in order to hone their skills and prove their legitimacy among peers. Professional development is a key motivator for CRISC candidates, as they wish to implement effective and risk-based information system controls for their organizations.
Aspiring candidates must have three cumulative years of work experience in the fields of IT risk management and IS control, performing the tasks of a CRISC professional. There are no substitutions or experience waivers for this particular ISACA credential. Click here for more info on CRISC prerequisites.
In order to define the task domains of IT risk and control, ISACA has provided a Job Practice article. Note that work experience must be gained from at least two of the four domains, and that one of these domains must be either domain 1 or domain 2. Click here to view the definitions of the four domains.
The CRISC exam is a 150 question, multiple choice test that must be completed in a timeframe of four hours. It is scored on a scale of 200 to 800, with 450 points being the minimum passing score. Click here for more exam information.
Absolutely. Live online Flex Pro participants of our training boot camps have access to every resource that Flex Classroom participants have, as well as valuable one-on-one instructor feedback. In addition, they get full access to all of the features in their InfoSec Flex Center — plus receive an Exam Pass Guarantee.
The exam consists of questions pulled from each of the four CRISC Job Practice Area domains. These are as follows: IT Risk Identification (27%), IT Risk Assessment (28%), Risk Response and Mitigation (23%), and Risk and Control Monitoring and Reporting (22%). Click here for a detailed breakdown of each domain.
InfoSec Institute’s CRISC training boot camp is an intensive, three-day course designed to eliminate outside distractions. We provide award-winning training from the top security experts in the industry—so that you can join the 93% of our students who successfully pass their exam upon completion of our course! We also offer an Exam Pass Guarantee, which allows you to focus exclusively on the world of IT risk and control.
The CRISC is for IT professionals — specifically individuals that perform risk management and implement internal controls. The closest certification to the CRISC is probably IIA’s CRMA certification, which is more oriented towards internal auditors, specifically those assessing risk management processes.
Like other ISACA certifications, the CRISC is valid for three years after you pass the exam. However, certain terms must be met. There is an annual maintenance fee that must be paid, and CRISC holders must participate in ISACA’s CPE (Continuing Professional Education) program, reporting 20 CPE hours annually. For more renewal information, click here.
Yes! The CRISC voucher is included for all participants of our CRISC training boot camp.
Our #1 tip is to enroll in an exam training course, like the one offered here. InfoSec Institute students have the highest exam pass rate in the industry — 93%! Other resources to help you study include ISACA’s certified Review Manual and Test Exam, which can be purchased by clicking here. For more training strategies, click here.
Your CRISC credential proves that you’re a dedicated professional in the field, and can help you land a high-paying job in IT risk and control. Common job titles include: Project Manager, Business Analyst, Chief Information Officer, Control Professional, IT Risk Management Professional, and many more. Click here for more job titles and related descriptions.
CRISC professionals earn an average of $127,507 annually, making the CRISC the highest-paying IT certification available. Click here for more salary data.