This is the risk management certification supporting a career in risk management, information security management, or business continuity/disaster recovery management. It is appropriate for all members of the BCMS or ISMS committee.
This certification attests to your competence in, and understanding of, developing and managing a custom risk-management methodology based upon the ISO/IEC 31000/27005 Risk Management Frameworks.
CICRA™ Certification Narrated Tutorial
The ISO/IEC 27001 certification of an organization's Information Security Management System (ISMS) requires that all security methods and controls be driven by risk assessment as defined in the organization's formal documented risk management methodology. ISO 22301 certification of an organization's Business Continuity Management System (BCMS) requires the same.
Because all information security analysis, controls, and processes are essentially a product of risk management, ISO/IEC 31000 and ISO/IEC 27005 provide the frameworks for properly applying risk management within the ISO/IEC 27001/27002 ISMS, or within the ISO 22301 BCMS.
The CICRA credential by Certified Information Security certifies your understanding of ISO/IEC 27005 and how the 27005 framework can be used to develop a custom risk management methodology that fulfills the requirements of both ISO/IEC 27001 and ISO 22301. It also helps fulfill the competence requirements of the certifications themselves. Upon completion of this training and certificate program, you will:
- be equipped with knowledge and skills required to plan and design an Enterprise Risk Management system conforming to the ISO 31000 and 31010 standards;
- be able to expand your risk management competency;
- be able to increase your credibility through gaining international recognition; and
- be able to improve your résumé/CV and help to increase your earning potential.
- Be a member of CIS in good standing.
If you are not already an Associate member of the CIS certification student body, you must first become a member to pursue the CICRA credential.
- Attend the following required CIS-approved curriculum course (live or online):
  - CIS Policy Workshop: ISO 31000 Enterprise Risk Management
- Pass the CICRA Exam.
For CICRA certification by CIS, candidates must pass CIS exam RM101. CIS exams are administered on-line and can be taken at your convenience at your home or work through the CIS eLearning Center, where your progress and score are monitored and recorded centrally. Your exam results are provided automatically upon completion of your exam.
- Submit your professional endorsements.
CICRA is an entry-level credential and has no experience requirements. Complete your CIS exam RM101 and submit three CIS Candidate Endorsement Forms to the Certification Department at CIS Headquarters. Your completed application and documentation can be mailed, transmitted by facsimile, or e-mailed to:
Certified Information Security
ATTN: Certification Department
1004 Green Pine Circle
Orange Park, FL 32065 USA
Fax: +1(786) 522-9063
- Gain final approval from the certification committee and become certified by CIS.
You will officially become certified once your exam and credentials are approved by the certification committee. Your certification kit will be mailed to the address you provided for your membership account. Those who have attained a CIS credential will be invoiced for certification renewal upon annual membership renewal.
Upgrade Path: Certified Business Continuity Strategist (CBCS™) or Certified Internal Controls Architect (CICA™)