ISO 31000 Certified Internal Controls Risk Analyst™
Because all information security analysis, controls, and processes are essentially a product of risk management, ISO/IEC 31000 and 27005 provides the framework for how to apply proper risk management within the ISO/IEC 27001/27002 ISMS, or within the 22301 BCMS. The CICRA credential certifies your understanding of how ISO/IEC risk management standards can be used to develop a custom enterprise risk management program that fulfills the requirements of both ISO/IEC 27001, and ISO 22301. It also helps fulfil the competence requirements of the certifications themselves. Certified Information Security provides the training and credentialing you need to become recognized as an authority in leading or facilitating risk assessment and management according to the ISO/IEC risk management framework standards.
ISO 31000 CICRA is the risk management certification supporting a career in risk management, information security management, or business continuity/disaster recovery management. It is appropriate for all members of the BCMS or ISMS committee. This certification validates competence and understanding for developing and managing a custom risk-management methodology based upon the ISO/IEC Risk Management Frameworks.
Upon completion of this training and certificate program, you will:
- be equipped with knowledge and skills required to develop, manage, monitor, and improve an Enterprise Risk Management System in line with the ISO standards of best practice;
- expand your risk management competency;
- increase your credibility through gaining international recognition; and
- improve your résumé and help to increase your earning potential.
Getting certified is easy, and can be accomplished completely online. The CICRA™ certification is available to qualified candidates who:
- Are a member of CIS in good standing.
If you are not already an Associate member of the CIS certification student body, you must first become a member to pursue the CICRA credential.
- Attend the required CIS approved curriculum course (live or online): "CIS Policy Workshop: ISO 31000 Risk Management"
- Pass the CICRA Exam. For CICRA certification by CIS, candidates must pass CIS exam #RM101. CIS exams are administered on-line and can be taken at your convenience at your home or work through the CIS eLearning Center, where your progress and score are monitored and recorded centrally. Your exam results are provided automatically upon completion of your exam.
- Submit your professional endorsements.
CICRA is an entry-level credential and has no experience requirements.
Complete your CIS exam #RM101 and submit three CIS Candidate Endorsement Forms to the Certification Department at CIS Headquarters. We recommend you gather your documentation and send it all together along with your application approximately one month before you are ready to take a CIS Exam. Your completed application and documentation can be mailed, transmitted by facsimile, or e-mailed to:
Certified Information Security
ATTN: Certification Department
1004 Green Pine Circle
Orange Park, FL 32065 USA
Fax: +1(786) 522-9063
- Gain final approval from the certification committee and become certified by CIS.
You will officially become certified once your exam and credentials are approved by the certification committee. Your certification kit will be mailed to the address you provided for your membership account. Those who have attained a CIS credential will be invoiced for certification renewal upon annual membership renewal.
Upgrade Path: Certified Business Continuity Strategist (CBCS™) or Certified Internal Controls Architect (CICA™)