Exam with Risk Management Experience Only?

tracy5512

Hi there! I have 7 years experience in risk management; however, none in IT risk management. I'm looking to get into the IT/Info Security risk assessment/control testing field and looking at taking the CRISC. Obviously I wouldn't be able to get the certification yet, since I'd need the 3 years experience, but is it possible that taking and passing the exam could help me get a job in that field, considering my risk management experience? Is there a better certification I should start with/consider?

JDMurray

Studying for and passing the CRISC exam will certainly help you learn IT risk management. There are several other certs you should also look at to help you learn IT and InfoSec, such as Security+.

There are many hiring managers who only care that a candidate has passed a certification exam and not necessarily has the full certification. However, you must properly represent your lack of full certification according to ISACA's rules.