LER.me

Make All Learning Count.

Get Connected

  • What is a LER?
  • FAQs (opens in new tab)
  • Partner with Us
  • Visit EBSCOed (opens in new tab)

View our Policies

  • Accessibility (opens in new tab)
  • Standards (opens in new tab)
  • Terms of Use (opens in new tab)
  • Privacy Policy (opens in new tab)
  • Opt out (opens in new tab)

Get the app

Get it on Google PlayDownload on the App Store

© 2026 All rights reserved.

Powered by EBSCOed

Skip to main contentSkip to footer
  • Live Data
My LER
My LER
  1. Programs
  3. Certified in Risk and Information Systems Control (CRISC)

Certified in Risk and Information Systems Control (CRISC)

ISACA

Certification

Become a contributor for free to openly demonstrate student outcomes, industry alignment & eligibility criteria.

A Certified in Risk and Information Systems Control® (CRISC®) certification demonstrates your IT risk management expertise. By taking a proactive approach, you will learn how to enhance your organization’s business resilience, deliver stakeholder value and optimize risk management across the enterprise. As a CRISC, you will be ready to address emerging technology, including AI risk assessment and general best practices for risk management and mitigation related to AI data governance and ethics.

Cost

Application Processing Fee: US$50Show moreShow less

Format

Hybrid

Eligibility Calculator

Which aid programs apply to this program?

Record QualityEligibility Calculators
Loading Skills & Competencies
Program Pathways

Credentials this program stacks toward

No program pathways.

Loading What You'll Learn
Program Details

Detailed information about this program

Validate your proficiencies for handling the challenges and responsibilities of a modern risk management expert with a CRISC, which focuses on these domains: - Corporate IT Governance - Risk Assessment - Risk Response & Reporting - Technology and Security Getting ready for the exam ISACA offers a variety of CRISC exam preparation resources including group training, self-paced training and study resources in various languages to help you prepare for your CRISC certification exam. We also have our online Engage community where you can reach out to peers for CRISC exam guidance. Choose what works for your schedule and your studying needs. How to become certified Taking and passing the CRISC certification exam is just the first step in becoming certified. To become CRISC certified, an individual must first meet the following requirements: - Pass the certification exam - Pay the US$50 application processing fee - Submit application to demonstrate experience requirements - Adhere to the Code of Professional Ethics - Adhere to the Continuing Professional Education Policy Candidates have five years from passing the exam to apply for CRISC certification.

Requirements

What you need to earn this credential

No requirements listed.

Financial Aid

Eligible funding programs

No funding information available.

Scholarships

No scholarships listed.

Visit Program Website
Locations

Where this program is offered

No locations specified.

Loading Student Outcomes
Related Programs

Programs related to this one

No related programs.

Skills & Competencies

Skills developed through this program

  • Collect, review, and evaluate existing information regarding the organization’s business and information system environments
  • Identify potential or realized impacts of information system risk to the organization’s business objectives and operations
  • Identify threats and vulnerabilities to the organization’s people, processes, and technologies
  • Evaluate threats, vulnerabilities, and risk to create information system risk scenarios
  • Establish accountability by assigning and validating appropriate levels of risk and control ownership
  • Maintain or establish the information system risk register and incorporate it into the enterprisewide risk profile
Career Pathways

Occupations this program prepares you for

  • Information Security Analysts15-1212.00
What You'll Learn

Key competencies developed through this program

Auto-populated·from NSX Competency Framework

Mastery: developing (Level 2)(based on Certification)

  • Multi-source alert investigations — correlate across SIEM, EDR, identity, and network with reduced oversight.
  • Routine incident response — execute tier-2 containment and eradication on familiar threat types.
  • Vulnerability prioritization — assess CVSS, exploitability, and asset context to drive patching decisions.
  • Threat-intel ingestion and operationalization — turn IOCs and TTPs into detection rules.
  • Cloud-security configuration (AWS, Azure, GCP IAM and network controls) — review and remediate in routine cases.
  • Detection engineering (basic SIEM queries, custom rules) — write and tune for the SOC's standard threats.
  • Junior analysts on alert triage — coach during their first 90 days.
  • On-call shifts in the SOC rotation — handle independently with senior backstop.
  • Compliance audit evidence collection — produce for SOC 2 / ISO 27001 cycles without manager involvement.
  • Tabletop exercises — participate substantively in SOC and broader-IR drills.

Some details on this page are auto-populated from public workforce data sources: O*NET (opens in new tab), BLS (opens in new tab), College Scorecard (opens in new tab), DOL Training Provider Results (opens in new tab), NSX (opens in new tab). Provided in partnership with LER.me Career Intelligence.

Student Outcomes

Performance metrics for this program

Completion Rate
Not reported
Placement Rate
Not reported