ماجد عبد الله

Certified in Risk and Information Systems Control (CRISC) is a certification for information technology professionals with experience in managing IT risks, awarded by ISACA. To gain this certification, candidates must pass a written examination and have at least eight years of information technology or business experience, with a minimum of three years work experience in at least three CRISC domains. The intent of the certification is to provide a common body of knowledge for information technology/systems risk management, and to recognize the knowledge of enterprise and IT risk that a wide range of IT and Business practitioners have acquired, as well as the capability to: design, implement and maintain information system (IS) controls, to mitigate IS/IT risks. The CRISC requires demonstrated knowledge in five functional areas or ‘domains’ of IT risk management: Risk identification, assessment and evaluation Risk response Risk monitoring Information systems control, design and implementation IS control, monitoring and maintenance