CFCM, CICRA, CICA, CBCA, CBCS, CBCM, CFCP, CFCM, CISSP, certified fraud examiner, lead auditor
cfca, cfcp, cfcm, cicra, cica, cbcs, cbca, cbcm

Choosing the Right Credential

Do you have experience in information security, fraud control, or business continuity management, but wonder where you stand with regard to the CIS certification process or which CIS credential is right for you? Check your career experience with your potential credential below.

  • Fraud Control
  • Information Security
  • BS25999 Business Continuity Management

  • Your experience

    Your potential CIS credential
    Less than 2 years
    CFCA_180
    CFCA™ is the entry-level fraud control certification for fraud control professionals with less than two years of qualified experience.

    Fast-track your career with the support and strength of Certified Information Security certification body. If you’re a student or career changer considering moving into the field of information security, or just starting out in fraud control management, you are eligible to become certified as a Fraud Control Associate by Certified Information Security. By aligning yourself with an industry leader in fraud control education, you’re jumping ahead of thousands of others vying for solid positions in the early stages of their careers. Fraud Control is an immensely rewarding career with unlimited possibilities. Earning your CFCA™ is an excellent way to get off to a good start!

    Click here to learn more...
    2 or more years
    CFCP_180
    CFCP™ is the mid-level fraud control certification for fraud control professionals with at least two years of qualified experience.

    You have already been involved with controlling fraud in your career as an accountant, human resource professional, auditor, security professional, or manager, but are now ready to base your career in fraud control. Your experience in the field is an important component of your value to an employer. But experience just isn’t enough. Employers need something quantifiable and verifiable to show them you have the expertise they need. Earning the CFCP™ certification will give you the credential and proof of expertise today's employers require.

    Click here to learn more...
    5 or more years
    CFCM_180
    CFCM™ is the expert-level fraud control certification for fraud control professionals with at least five years of qualified experience.

    One of your primary responsibilities is protecting the organization from suffering losses and business disruption resulting from internal occupational fraud and abuse. Your experience in the field is an important component of your value to an employer. As a designated leader of fraud prevention, detection, and investigation processes, your employer counts on you to mitigate fraud risk throughout the enterprise. But experience just isn’t enough. Employers need something quantifiable and verifiable to show them you have the expertise they need, and you want to establish occupational identity with a respected certification in internal fraud risk prevention and mitigation. Earning the CFCM™ certification will give you the credential and proof of expertise today's employers require.

    Click here to learn more...

  • Your experience

    Your potential CIS credential
    Less than 2 years
    CICRA_180 This is the risk management certification supporting a career in risk management, information security management, or business continuity/disaster recovery management. It is appropriate for all members of the BCMS or ISMS committee.

    This certification credentials your competence and understanding for developing and managing a custom risk-management methodology based upon the ISO/IEC 27005 Risk Management Framework.

    The ISO/IEC 27001 certification of an organization's Information Security Management System (ISMS) requires that all security methods and controls must be driven by risk assessment as defined in an organization's formal documented risk management methodology. BS 25999-2 certification of an organization's Business Continuity Management System (BCMS) requires the same.

    Because all information security analysis, controls, and processes are essentially a product of risk management, ISO/IEC 27005:2011 provides the framework for how to apply proper risk management within the ISO/IEC 27001/27002 ISMS, or within the BS 25999 BCMS.

    The CICRA credential by Certified Information Security certifies your understanding of ISO/IEC 27005, and how the 27005 framework can be used to develop a custom risk management methodology that fulfills the requirements of both ISO/IEC 27001, and BS 25999-2. It also helps fulfil the competence requirements of the certifications themselves.

    Click here to learn more...
    2 or more years
    CICA_180
    CICA™ is the expert-level certification for information security professionals with at least two years of qualified experience. This certification maps to and fulfills all ISO/IEC 27001 competence requirements.

    The CICRA and CICA credentials by Certified Information Security certifies your understanding of how ISO/IEC 27001, 27002, 27003, and 27005 standards can be used to develop a custom fit-for-purpose risk management methodology and Information Security Management System that fulfills the requirements of ISO/IEC 27001. It also helps fulfil the organizational competence requirements of the ISO/IEC 27001 standard itself!

    Get trained. Get certified. Be recognized as an ISO 27001 information security architect.

    Click here to learn more...

  • Your experience

    Your potential CIS credential
    Less than 5 years

    CICRA_180

    		 This is the risk management certification supporting a career in risk management, information security management, or business continuity/disaster recovery management. It is appropriate for all members of the BCMS or ISMS committee.

    This certification credentials your competence and understanding for developing and managing a custom risk-management methodology based upon the ISO/IEC 27005 Risk Management Framework.

    The ISO/IEC 27001 certification of an organization's Information Security Management System (ISMS) requires that all security methods and controls must be driven by risk assessment as defined in an organization's formal documented risk management methodology. BS 25999-2 certification of an organization's Business Continuity Management System (BCMS) requires the same.

    Because all information security analysis, controls, and processes are essentially a product of risk management, ISO/IEC 27005:2008 provides the framework for how to apply proper risk management within the ISO/IEC 27001/27002 ISMS, or within the BS 25999 BCMS.

    The CICRA credential by Certified Information Security certifies your understanding of ISO/IEC 27005, and how the 27005 framework can be used to develop a custom risk management methodology that fulfills the requirements of both ISO/IEC 27001, and BS 25999-2. It also helps fulfil the competence requirements of the certifications themselves,

    Click here to learn more.
    Less than 5 years

    CBCS_180
    This is an executive business continuity governance certificationappropriate for all members of the BCMS or ISMS committee.

    This certification maps to the planning competence requirements of BS 25999.

    British Standard 25999 advocates that the business process of business continuity and disaster recovery management should begin with the development of a clear continuity strategy establishing what the organization needs to accomplish with its BCM program based upon thorough risk analysis and evaluation by the proper risk decision-makers within the organization.

    The Certified Business Continuity Strategist (CBCS) certification by CIS certifies your ability to develop the formal structure, governance, and policy of the Business Continuity Management System (BCMS). Furthermore the CBCS certification ensures that you are qualified to develop strategic objectives including, but not limited to:

    • Determining and guiding the selection of alternative business recovery operating strategies for continuation of business within recovery time and/or recovery point objectives, while maintaining the organization's critical functions.
    • Delivering solutions for continuation of business within the recovery time and/or recovery point objectives, whilst maintaining the organization's critical functions.
    • Developing, coordinating, evaluating and creating plans and procedures to communicate with internal stakeholders during incidents.
    • The provision of post-incident support and guidance for employees and their families.

    Click here to learn more.
    Less than 5 years
    CBCA_180
    This is the mid-level business continuity management certification.

    This certification maps to all BS 25999 competence requirements.

    Building upon the foundation understanding of the BS 25999 Business Continuity Management System (BCMS) platform validated by the Certified Business Continuity Strategist credential, the Certified Business Continuity Administrator(CBCA) certification  by CIS attests to your ability to develop the necessary incident management plans (IMPs) and response procedures necessary to fulfill the strategic objectives that have already been finalized. The CBCA also certifies that you have the necessary knowledge and skills to properly administrate the deployment, testing, and maintenance of IMPs and response procedures.

    Click here to learn more.
    5 or more years
    CBCM_180
    This is the expert-level business continuity management certification. CBCAs (see above) with at least 5 years of qualified experience are eligible for this credential.

     Click here to learn more.