The IT Certification Resource Center

Featured Deal

Get CompTIA, Cisco, or Microsoft training courses free for a week.
Learn More ❯

ISACA’s CISM, CRISC Among Highest-paying IT Certifications

Rolling Meadows, IL, USA —ISACA’s Certified Information Security Manager (CISM) and Certified in Risk and Information Systems Control (CRISC) credentials have been named two of the highest-paying IT certifications in the latest Foote Partners’ IT Skills and Certifications Pay IndexTM (ITSCPI). The recognition shows that employers are investing in professionals with specific IT skill sets that demonstrate the knowledge and expertise to address current and emerging challenges such as cloud computing and big data.

ISACA, a nonprofit association of more than 100,000 IT governance professionals in 180 countries, advances and attests IT skills and knowledge through four certifications:  Certified Information Systems Auditor (CISA); (CISM); Certified in the Governance of Enterprise IT (CGEIT) and CRISC.

“ISACA’s rigorous certification programs are designed to help IT professionals demonstrate to their employers their abilities to help the enterprise improve trust in, and value from, information systems,” said Allan Boardman, CISA, CISM, CGEIT, CRISC, CA (SA), ACA, CISSP, chair of ISACA’s Credentialing Board and risk manager at a global investment bank. “As the Foote Partners’ report indicates, professionals who hold the CISM or CRISC certifications are earning especially high premiums for their efforts and are strongly valued for their contributions to the overall enterprise.”

Since its introduction 10 years ago, the CISM credential has become recognized worldwide as a symbol of excellence in information security, and has been earned by nearly 20,000 professionals. The certification affirms to employers that the candidate they are hiring is equipped with strong security management skills and has demonstrated experience in security management.

CRISC is highly desired because it is the only certification that positions IT professionals for future career growth by linking IT risk management to enterprise risk management. Professionals across a wide range of job functions that include IT, security, audit and compliance have earned the CRISC designation since it was established in April 2010. To date, more than 16,000 professionals have earned the CRISC credential. Of these professionals, more than 1,200 are CIOs, CISOs, and chief compliance, risk and privacy officers.

“The CRISC was a forward-thinking certification when it was first introduced and it is no less so today as anticipating, evaluating, and responding to multiple risk vectors has been stitched into the fabric of every enterprise,” said David Foote, CEO and chief research officer of analyst firm Foote Partners. “It’s a certification that should be part of the foundation of a company’s or government organization’s commitment to understanding risk principles and frameworks.”

The ITSCPI, launched in 1999, tracks market values for individual IT skills and certifications at 2,350 employers in North America, with results and detailed market analyses published every three months. Currently, 540 skills and certifications are monitored and reported.

Additional information on ISACA certifications is available at


With more than 100,000 constituents in 180 countries, ISACA® ( is a leading global provider of knowledge, certifications, community, advocacy and education on information systems (IS) assurance and security, enterprise governance and management of IT, and IT-related risk and compliance. Founded in 1969, the nonprofit, independent ISACA hosts international conferences, publishes the ISACA® Journal, and develops international IS auditing and control standards, which help its constituents ensure trust in, and value from, information systems. It also advances and attests IT skills and knowledge through the globally respected Certified Information Systems Auditor® (CISA®), Certified Information Security Manager® (CISM®), Certified in the Governance of Enterprise IT® (CGEIT®) and Certified in Risk and Information Systems Control (CRISC) designations.

ISACA continually updates and expands the practical guidance and product family based on the COBIT framework. COBIT helps IT professionals and enterprise leaders fulfill their IT governance and management responsibilities, particularly in the areas of assurance, security, risk and control, and deliver value to the business.