Browse archive

Latest news

The CSO perspective on healthcare security and compliance

Jailed hacker designs device to thwart ATM card skimming

Cyber espionage campaign uses professionally-made malware

Form-grabbing rootkit sold on underground forums

Large cyber espionage emanating from India

Over 45% of IT pros snitch on their colleagues

U.S. DOD decides iPhones and iPads can connect to its networks

Digital Government Strategy progress and challenges

Barracuda updates web application firewall

Targeted data stealing attacks using fake attachments

New Mac spyware signed with legitimate Apple Developer ID

Thoughts on the need for anonymity

IT security jobs: What's in demand and how to meet it

Hacking charge stations for electric cars

CRISC certification: Reacting to a radically changing IT landscape

Posted on 06 February 2012.

The number of IT professionals seeking the CRISC (Certified in Risk and Information Systems Control) certification continues to rise rapidly. More than 16,000 professionals have earned the CRISC designation since the certification was introduced just over 18 months ago. This reflects a growing need among IT professionals to attain independent affirmation of their skill sets in response to the radically changing IT and business landscape, says global nonprofit IT association ISACA.

Professionals across a wide range of job functions that include IT, security, audit and compliance have earned the CRISC designation since April 2010. This number includes more than 1,200 CIOs, CISOs, and chief compliance, risk and privacy officers.

“CRISC is the result of significant market demand for a credential that recognizes experienced risk and control professionals, a demand that will only accelerate as vocal stakeholders demand better corporate governance and business performance and more secure infrastructures in 2012,” said Allan Boardman, CRISC, CISA, CISM, CGEIT, CA (SA), ACA, CISSP, chair of ISACA’s Credentialing Board and a risk officer at a global financial services firm. “The fact that even C-level professionals are pursuing CRISC certification shows that risk management is a strategic concern.”

Among the trends widely expected to dominate the IT landscape in 2012, ISACA has identified three that are especially critical to managing information risk: big data, the consumerization of information technology (bring your own device—BYOD) and the growing dominance of mobile devices. These trends can open the door to inadequate capacity planning and ineffective vendor management for cloud-based services. They also require IT professionals to be partners with the business on managing risk that affects all areas of the enterprise.

Similar to the growth of joint MIS and MBA degrees, ISACA predicts that the information systems profession will see a growing evolution away from a technology-only focus to a culture of consultants with the skills to partner with the business in using technology as an enabler.

CRISC examinations—a criterion for achieving the certification—are offered 9 June and 8 December 2012 at more than 240 locations around the world. Exam registration is open through 4 April 2012, but professionals can save US $50 if they register by 10 February.

Visit www.isaca.org/certification for details on ISACA certifications and deadlines.