This site uses cookies. By continuing to browse the site you are agreeing to our use of cookies. Find out more here

United Kingdom

Select your regional store:


The CRISC Campus

Complete resources to ensure you achieve and maintain CRISC certification

Awarded by ISACA, the Certified in Risk and Information Systems Control (CRISC) qualification is awarded to IT professionals who identify and manage risks through the development, implementation and maintenance of information systems (IS) controls.

IT Governance offers a complete range of products, including study guides and training, which are designed to help you pass the CRISC examination at the very first attempt.

Studying for your Certified in Risk and Information Systems Control (CRISC) Examination

Our complete range of CRISC study guides and training services:


The Certified in Risk and Information Systems Control (CRISC) certification is awarded to candidates who have at least three years of relevant work experience and who pass a written examination, which is held in June and December each year.

ISACA defines four CRISC domains, effective from June 2015.

  • Domain 1—Risk Identification (27% of exam)
  • Domain 2—Risk Assessment (28% of exam)
  • Domain 3—Risk Response and Mitigation (23% of exam)
  • Domain 4—Risk and Control Monitoring and Reporting (22% of exam)

For more information, please see the official ISACA ‘How to Become CRISC Certified’ web page.


How do you pass the CRISC exam at the first attempt?

We recommend the following actions:

  1. Check that you have the relevant three years of work experience to qualify.
  2. Register and book your June or December exam direct with ISACA.
  3. Purchase the official ISACA study guides and textbooks.
  4. Plan a self-study programme that covers all the key knowledge domains.
  5. Attend an exam preparation training course a few days before you sit the exam.


Certified in Risk and Information Systems Control (CRISC) Training Course

The Certified in Risk and Information Systems Control (CRISC) Training Course is designed to provide thorough preparation to ensure you pass the ISACA CRISC examination at the first attempt. This three-day course offers the perfect revision and preparation for the CRISC exam, which is scheduled in June and December every year.

Full details are available on the CRISC Training Course page.

Please book online or call our Training Team on +44 (0)845 070 1750 to discuss your specific requirements.


CRISC exam information

The CRISC exam is held in June and December every year.

  • Registration opens – 10 November 2015
  • Early registration deadline – 10 February 2016
  • Final registration deadline – 8 April 2016
  • Examination date – 11 June 2016

Details of how to register online with ISACA for the exam can be found here.

After registration and payment, candidates are sent the Candidate's Guide to the CRISC Exam document, which provides a detailed outline of the subject areas covered in the examination, a suggested list of reference materials to review, a glossary of acronyms commonly used, and a sample copy of the answer sheet used for the exam.


Essential CRISC books and study guides available from IT Governance

As preparation is the essential ingredient to passing the CRISC examination, we strongly recommend that all delegates purchase the CRISC Exam and Study Guides prior to taking the relevant course. IT Governance is the exclusive approved reseller of ISACA publications in the UK and all titles are available from our dedicated ISACA Certification Bookstore.

We particularly recommend that you purchase the Official CRISC Exam Passport package, which contains copies of the CRISC Review Manual, 6th Edition and CRISC Review Questions, Answers and Explanations Manual, 4th Edition.


Continuing Professional Education (CPE)

There is a Continuing Professional Education (CPE) policy in respect of qualified CRISC professionals. The goal of this policy is to ensure that all CRISCs maintain an adequate level of current knowledge and proficiency in the field of information systems audit, control and security. CRISCs who successfully comply with the ‘continuing professional education policy will be better trained to assess information systems and technology and provide leadership and value to their organizations.’ The responsibility for setting the continuing professional education requirements rests with the CRISC Certification Board, which oversees the continuing professional education process and requirements to ensure their applicability.

Maintenance fees and a minimum of 20 contact hours of CPE are required annually. In addition, a minimum of 120 contact hours are required during a fixed three-year period. Please see the Maintain Your CRISC page on the ISACA website for further details.




Information Security Qualifications: Fact Sheet

Download Now