ISACACRISC
ISACA Certified in Risk and Information Systems Control
Validate your ability to identify, assess, respond to, and monitor information technology risk, and to design, implement, and maintain information systems controls aligned with enterprise risk management and governance frameworks.
Practice questions coming soon — study materials are ready
Recommended Study Path
Exam Domain Breakdown
Governance26%
Risk Assessment22%
Risk Response and Reporting32%
Technology and Security20%
Frequently Asked Questions
What is the passing score for the ISACA Certified in Risk and Information Systems Control (CRISC) exam?+
The passing score for the CRISC exam is 450/800. The exam consists of 150 questions and you have 240 minutes to complete it.
How many questions are on the CRISC exam?+
The CRISC exam has 150 questions. The exam duration is 240 minutes, giving you roughly 96 seconds per question on average.
How much does the CRISC exam cost?+
The CRISC exam costs $760 USD. Check with ISACA for the latest pricing, regional variations, and any available vouchers or discounts.
What domains are covered on the CRISC exam?+
The CRISC exam covers 4 domains: Governance (26%), Risk Assessment (22%), Risk Response and Reporting (32%), Technology and Security (20%). Focus your study time proportionally to these weights.
What free study resources are available for the CRISC exam?+
CertPrepNow offers free study guide, cheat sheet, exam notes, flashcards for the CRISC exam. All resources are available without registration or payment.
How long should I study for the CRISC exam?+
Study time varies by experience level. For someone with relevant work experience, 2-4 weeks of focused study (1-2 hours per day) is typical. Beginners may need 4-8 weeks. Start with the study guide to identify knowledge gaps, then use practice questions to test readiness.
Is the ISACA Certified in Risk and Information Systems Control certification worth it?+
The ISACA Certified in Risk and Information Systems Control certification from ISACA validates skills that are in demand. It demonstrates proficiency in governance and risk assessment. Whether it is worth pursuing depends on your career goals and current role.