What does the CRISC exam cover?
The certification examination will test you on the following domains, which are shown with their average weights:
- Domain 1: IT Risk Identification (27%)
- Domain 2: IT Risk Assessment (28%)
- Domain 3: Risk Response and Mitigation (23%)
- Domain 4: Risk and Control Monitoring and Reporting (22%)
To increase your chances of becoming certified, you can find exam study materials here.
When will I receive my examination score?
Certification candidates will be able to view their preliminary results upon completing their examination. Their official scores are communicated within 10 working days.
What if I do not pass the exam the first time?
If you do not pass the first time, you can retake the exam three more times within 12 months from the date of your first attempt. However, you will need to wait 30 days after your first attempt. If you need to retake the exam for the third time, you need to wait 90 days after the second attempt. For those retaking the exam for the fourth time, a waiting period of 90 days after the third attempt is required.
Will I need to maintain my certification status?
Yes, you will need to comply with the following requirements to retain your CRISC certification:
- Earn and report a minimum of 20 Continuing Professional Education (CPE) hours annually
- Earn and report a minimum of 120 CPE hours for a period of three years
- Pay the annual maintenance fee
- Comply with the CPE audit if selected
- Comply with the Code of Professional Ethics
What will happen to my certification status if I no longer practice or decide to retire?
ISACA offers a Non-Practicing and a Retired status for professionals as long as they meet certain requirements.
The Non-Practicing status is provided to active certification holders who have short- or long-term unemployment or disability, no longer work in the field but wish to retain their certification, or have extenuating circumstances which have been approved by the Certification Working Group. Non-practicing CRISC professionals will need to pay the annual maintenance fee even if they do not earn CPEs.
As for the Retired status, this is provided to professionals who are above 55 years of age and have retired from their profession, or those unable to perform specific job functions due to permanent disability. Unlike the Non-Practicing status, practitioners cannot return to Active once they retire. They will need to re-take and pass the certification exam before re-applying for the certification.