Because all information security analysis, controls, and processes are essentially a product of risk management, ISO/IEC 31000 and 27005 provides the framework for how to apply proper risk management within the ISO/IEC 27001/27002 ISMS, or within the 22301 BCMS. The CICRA credential certifies your understanding of how ISO/IEC risk management standards can be used to develop a custom enterprise risk management program that fulfills the requirements of both ISO/IEC 27001, and ISO 22301.
It also helps fulfil the competence requirements of the certifications themselves. Certified Information Security provides the training and credentialing you need to become recognized as an authority in leading or facilitating risk assessment and management according to the ISO/IEC risk management framework standards.
ISO 31000 CICRA is the risk management certification supporting a career in risk management, information security management, or business continuity/disaster recovery management. It is appropriate for all members of the BCMS or ISMS committee. This certification validates competence and understanding for developing and managing a custom risk-management methodology based upon the ISO/IEC Risk Management Frameworks.
Upon completion of this training and certificate program, you will:
✅ be equipped with knowledge and skills required to develop, manage, monitor, and improve an Enterprise Risk Management System in line with the ISO standards of best practice;
✅ expand your risk management competency;
✅ increase your credibility through gaining international recognition; and
✅ improve your résumé and help to increase your earning potential.