I decided to pursue an ISACA membership and Certified in Risk and Information Systems Control (CRISC) certification because of ISACA’s reputation for offering industry-recognized and globally accepted professional certifications for more than four decades.
Based on my professional background and industry experience, I specifically chose to pursue the CRISC certification for two main reasons. The first reason is due to the extensive coverage of the concepts and principles described in the CRISC body of knowledge for effectively designing, developing, implementing and maintaining risk management processes across the organization in an effort to substantially contribute toward achieving business objectives. Second, and most important, the CRISC certification is completely vendor-neutral.
To all of those with the aspirations of joining the prestigious profession of business and technology risk management—and those who are already working in the profession—I strongly recommend the following steps:
- Pursue CRISC certification, because CRISC is by far one of the most relevant, recognized and respected credentials for you to pursue in your career in the business and technology risk management industry.
- Gain a thorough familiarity with a wide variety of risk management publications (e.g., The Risk IT Framework, The Risk IT Practitioner Guide, the COBIT framework, and the ISO 31000 International Risk Management Standard) to better understand the concepts and principles used in effectively managing business and technology risks across the organization.
- Join a graduate recruitment program that focuses on risk management-related functions/roles.
- Keep your CRISC certification current by enjoying the convenience of online opportunities provided by ISACA to earn continuing professional education (CPE) credits. As during the past few years, ISACA has been very active in devising new and convenient options to assist its certified members in accumulating CPE credits .
Regardless of the industry you are working in, the risk and compliance management function/role is and most likely will continue to be a reasonably fun, challenging and exciting area in which to work. It truly feels great to discover that you and your team have assisted your organization in managing organizational IT and business risks in an effective manner and have brought it one step closer to achieving its business objectives.
As I’m sure you do, I have a busy and hectic lifestyle, but I have personally adopted most of the above mentioned recommendations and I have greatly benefited from them, I am sure you will too!
Raees Khan, CRISC
Manager at Strategic Project, Pricestern