Become a CRISC and defend, protect and future-proof your enterprise
Image source: http://resources.infosecinstitute.com/wp-content/uploads/crisc.jpg
Satria Adirha
2001557602
The Certified in Risk and Information Systems Control (CRISC) certification is the most current
and rigorous assessment available to evaluate the risk management proficiency of IT professionals and
other employees within an enterprise or financial institution. Achieving CRISC certification validates that
you have the knowledge and expertise to help companies understand business risk. It also confirms that
you have the technical knowledge to implement appropriate information system (IS) controls.
Certified in Risk and Information Systems Control (CRISC) has been an ISACA certification since 2010,
is accredited to ISO 17024, and is a global standard for information technology professionals who are
experienced in managing IT risks. CRISC certification demonstrates the knowledge and expertise to help
organizations understand business risks, as well as the technical knowledge to implement appropriate
information system controls. The certification has been earned by more than 18,000 professionals worldwide,
ranked first in the Top Six GRC Certification List (CIO Magazine, 2015) and was named Gold Winner for
Best Professional Certification Program (SC Magazine Awards, 2013).
Why Become a CRISC?
a) Enhanced Knowledge and Skills
1. To demonstrate your willingness to improve your technical knowledge and skills
b) Career Advancement
1. To demonstrate to management your commitment toward organizational excellence
2. To obtain credentials that employers seek
3. To enhance your professional image
c) Worldwide Recognition
1. To be included with other professionals who have gained worldwide recognition
CRISC in the Workplace
1. Nearly 600 are employed in organizations as CEO, CFO or in an equivalent executive position.
2. More than 400 serve as chief audit executives, audit partners or audit heads.
3. Over 1,200 serve as CIOs, CISOs, or chief compliance, risk or privacy officers.
4. More than 3,500 are employed as security directors, managers or consultants and related
staff.
CRISCs by Job Title
CRISC Certification Focuses
1. Risk Identification, Assessment and Evaluation
Identify, assess and evaluate risk to enable the execution of the enterprise risk management
strategy.
2. Risk Response
Develop and implement risk responses to ensure that risk issues, opportunities and events are
addressed in a cost-effective manner and in line with business objectives.
3. Risk Monitoring
Monitor risk and communicate information to the relevant stakeholders to ensure the
continued effectiveness of the enterprise's risk management strategy.
4. IS Control Design and Implementation
Design and implement IS controls in alignment with the organisation's risk appetite and
tolerance levels to support business objectives.
5. IS Control Monitoring and Maintenance
Monitor and maintain IS controls to ensure they function effectively and efficiently.