Systems/Network Admin want to move over to Risk Management

smcanuffsmcanuff Member Posts: 27 ■□□□□□□□□□
I am looking to do IT risk management. For the past 7 years I have been working as a Network/Systems admin. I would like to know what certi do I need to have this job role. I was looking on the ISACA site and saw a risk management certi call CRISC. Can anyone help me when the best path I can go on my career change.
Don't worry about what's ahead. Just go as far as you can. From there, you can see farther:cheers:


  • CISPhDCISPhD Member Posts: 114
    You're likely going to run into some speed bumps on taking the CRISC. You need to review their domains closely and see if your prior IT work fits into at least 3 of the areas for 3 or more years. I've included an except from their site here:

    "Certification is granted initially to individuals who have successfully completed the CRISC exam and meet the following work experience requirements in the fields of risk management and IS control. A minimum of at least three (3) years of cumulative work experience performing the tasks of a CRISC professional across at least three (3) CRISC domains is required for certification. There are no substitutions or experience waivers."

    There are additional routes you may take if you want to expand into IS or IT risk. You can start with more entry level certifications such as the Security+ offered by CompTIA. I'm not sure where you are academically, but college degrees in security and risk management are also available at most major univerisites or for profit technical universities. Be sure to pursue ACCREDITED universities. Nothing like spending 50K on a college degree just to find out it isn't accepted by most employers or higher education bodies.

    Once you have some entry level certs, you may be able to get an entry level job in IS or IT risk management. Given your past experience, you MIGHT be able to swing an mid-level job with a smaller company if they are looking for a consolidated role that can perform both network/sys admin work along with IS or IT risk management. Consulting firms (I don't mean temp agencies or employment farms) would be your best bet here.

    There are other entry level certs you can get to start redirecting your career path; just do some research. ISACA and ISC2 certs usually require 3 - 5+ years experience with very specific job duties, and are not generally seen as entry level certifications.

    Hope this helps. Please RE: w/ ?s.
  • CISPhDCISPhD Member Posts: 114
    You may also want to check into this thread. A lot of very useful information here by many that attend this thread.
Sign In or Register to comment.