ISACA's CRISC Exam Updated to Reflect Latest Work Practices and Knowledge Used by Risk Practitioners

Schaumburg, Ill. (Aug. 2, 2021) - In a challenging landscape marked by the global pandemic and increased threats, many businesses and boards have learned the hard way the importance of risk management, governance, business continuity planning and resilience. The Certified in Risk and Information Systems Control® (CRISC®) certification from ISACA now reflects the increased focus that practitioners need to have in these areas with the release of an updated exam.


The refreshed exam reflects an updated job practice that takes into account the evolving needs of practitioners in the workforce today, including a heightened focus on business continuity, resiliency and corporate governance, as well as data privacy and protection. The new domains covered in the CRISC exam include governance, risk response and reporting, information technology and security, and continues to include IT risk assessment.


"The CRISC credential has empowered professionals to gain wide recognition and credibility by demonstrating their knowledge and experience in mitigating risk and implementing and maintaining information systems controls," says Kim Cohen, ISACA senior director, credentialing. "As the threat landscape evolves and the needs and responsibilities of the profession change as well, it is important that the certification is truly encompassing the real-world threats and on-the-job concerns facing the professionals we serve."


CRISC is the only IT risk certification on the market, and the only credential focused on enterprise risk management. The credential is ideal for mid-career IT, risk and security professionals and teams, validating practitioners' experience in building a well-defined, agile risk-management program, based on best practices to identify, analyze, evaluate, assess, prioritize and respond to risks. More than 30,000 professionals have earned the CRISC designation since its inception in 2017, and the certification ranked among the top 15 highest-paying certifications globally for 2020 based on the 2020 IT Skills and Salary Report conducted by Global Knowledge.


Those preparing for the CRISC exam have a range of study options and can select from print, online, self-paced or instructor-led updated exam preparation resources, including the CRISC Review Manual, 7th Edition; CRISC Online Review Course 2021, CRISC Questions, Answers and Explanations (QAE), 6th Edition; and CRISC Online Exam Prep Virtual Instructor-led Training (VILT).


More information on the CRISC exam content outline can be found at To learn more about CRISC and to apply for certification, visit More detail about ISACA's other credentials can be found at



For more than 50 years, ISACA® ( has advanced the best talent, expertise and learning in technology. ISACA equips individuals with knowledge, credentials, education and community to progress their careers and transform their organizations, and enables enterprises to train and build quality teams. ISACA is a global professional association and learning organization that leverages the expertise of its more than 150,000 members who work in information security, governance, assurance, risk and privacy to drive innovation through technology. It has a presence in 188 countries, including more than 220 chapters worldwide. In 2020, ISACA launched One In Tech, a philanthropic foundation that supports IT education and career pathways for under-resourced, under-represented populations. Twitter: