Risk and compliance and how new technologies impact overall enterprise risk remain top of mind for boards and upper management, especially after the current pandemic.

For Filipino cyber security professionals, the need to validate expertise and keep updated with trends is more than a way to stand out in a competitive field. It's a form of risk management for their organisations, ensuring their teams are equipped with knowledge to prevent and manage the latest threats.

Blog Image: Empowering Filipino Cyber Security Professionals: A Deep Dive into the CRISC Certification

ISACA’s Certified in Risk and Information Systems Control® (CRISC®) is the only IT risk management (ITRM) certification on the market that can arm IT teams with the latest Enterprise Risk Management (ERM) best practices to build a robust ERM framework with documented business continuity plans to enhance resilience. The recently updated CRISC exam emphasises organisational governance, continuous risk monitoring and reporting, infosec and data privacy considerations, which align with current risk work practices and organisational needs.

In fact, 56% of CRISC holders say they use the skills learned through certification several times a day in their current position and 46% agree there is a greater demand for their skills since becoming certified. This is according to Cert Mag's Salary Survey in 2022.

Let's explore what to expect when you book and sit CRISC certification by ISACA with Lumify Work (formerly DDLS). One of our students, a Filipino IT Director for an international water stewardship company, offers a look into his experiences.

Some background on CRISC Certification

Designed for IT managers, IT risk analysts, IT consultants, IT risk/security advisory managers, IT compliance managers, and IT risk assessment specialists, CRISC certification validates the skills of individuals in identifying and managing risks through developing, implementing, and maintaining appropriate information systems controls.

Why get a CRISC Certification?
Successfully obtaining the CRISC certification confirms an individual's skills and knowledge to secure organisations against today's ever-escalating threats. Some its benefits for enterprises include:

  • Reducing risk: CRISCs help enterprises understand business risk and have the technical knowledge to implement appropriate IS controls.

  • Creating a common language: Establish a common perspective and language about IT risk that can set the standard for the enterprise.

  • Driving business successes: CRISC holders understand the methods and processes to effectively manage risks and seize opportunities for achieving enterprise objectives.

  • Being prepared: CRISC holders can handle the challenges of IT risk management, drive compliance and transparency to ensure customer trust and business growth.

Key Features of the CRISC Certification Course
CRISC training course is an intensive, four-day review program that tackles critical points outlined in the CRISC Review Manual. The program includes class lectures, group discussions and exam practice and is designed to address the following:

  • Key domains include Governance, IT Risk Assessment, Risk Response and Reporting and Information Technology and Security.

  • CRISC holders can understand their organisation’s risk appetite, proactively identify and assess potential risks, and implement appropriate IS controls to mitigate these risks.

  • CRISC holders can ensure proper governance and risk management they plan and optimise resources to achieve ROI.

  • CRISC holders can ensure continuous risk monitoring and reporting to assist management in exercising due care and diligence in protecting the organisation's assets and meeting regulatory requirements.

  • Provide practitioners an understanding of computer hardware and software, networking concepts, enterprise resiliency, secure system development, and data privacy.

In addition to a digital courseware manual, students can access the CRISC Questions, Answers, and Explanations (QAE) database for 12 months.

Aligning with Certification Standards

ISACA, the organisation behind CRISC, is a global leader in providing practical guidance, benchmarks and effective tools for enterprises utilising information systems. ISACA's comprehensive guidance and services are pivotal in defining the responsibilities of information systems governance, security, audit and assurance professionals worldwide.

Lumify Work, as an Accredited Elite Partner of ISACA, offers a platform through which professionals can access and benefit from ISACA's wealth of knowledge. ISACA also vets Lumify Work trainers, so you can be sure you are getting experts to help build your expertise.

An inside look into CRISC certification

Bryan Adviento is the director of IT at Ecolab. Ecolab is the global leader in water, hygiene and infection prevention solutions and services.

Blog Image: Empowering Filipino Cyber Security Professionals: A Deep Dive into the CRISC Certification

He describes it as a global role that brings an innovative approach to technology risk management, sound leadership skills, and deep expertise in technology, cyber, cloud, and data risks within the organisation.

In 2023, he booked and sat CRISC training through Lumify Work Philippines. A few months after, he was able to pass his exams and gain certifications.

Brian shared insights into his training experience and how it impacts his role and organisation.

What got you started on the path to CRISC and CISSP training?

I'm fortunate to be in an organisation that recognises both my performance for the last six years and my potential to take on this new role of overseeing three teams:

  • Policy & Standards Management

  • Technology Risk Management

  • Audit Response & Remediation Management

I studied and worked to gain certifications to prepare for my new accountabilities. My previous IT certifications were purely "technical," except for ITIL and PMP.

However, I also wanted to strengthen my leadership skills and gain risk-related certifications.

Especially for risk management, one of my goals was to be part of a community to gain insights from other professionals. I found two ways to do this:

  • First, by attending conferences and conventions

  • Second, I enrolled in training sessions in which I could have healthy discussions with an experienced trainer and my cohorts.

Lumify Work gave me the opportunity to do the latter.

How has the training impacted your work?
CRISC training gave me a few ideas on how to tailor my reports for our CIO and CEO. The skills and knowledge I gained have helped me support the organisation better and even gain recognition for this.

How has the training impacted the business?
Training with Lumify Work has made such a huge impact. Ecolab's Risk Management is still young. The courses has given me insights on implementing some policies and standards around Risk Management.

Have you gotten other ICT training before? If yes, why did you switch to Lumify? How is Lumify different from your previous training?
Yes, I've joined training multiple times before and from different providers. But I went with Lumify Work for a couple of reasons:

  • First, only a handful of training providers in the Philippines offer the courses I was looking for.

  • Second, I was looking for trainers with actual experience who have been on the field.

I've been on other sessions where the trainers were certified – yes. But they only offered theoretical knowledge. I was looking for guidance on the real-world applications of the concepts in the courses, and I got that from the technical instructors at Lumify Work and those in my cohort.

How strongly would you recommend Lumify Work to other businesses? Why?
I highly recommend Lumify, especially to those who face challenges with time, like me. My position is very demanding, and it wasn't easy to spend hours commuting to the training site on top of the training itself and my day-to-day tasks. So, the option to take virtual instructor-led training was an advantage.

As part of a global team, I appreciated getting technical insights from trainers from Australia while being able to practice my communication skills with them.

Taking the Next Step

It's important to note that fees cover the training and not the CRISC exam. Once you've completed the course and have sufficiently prepared using the resources provided, you can purchase the exams separately by contacting the Lumify Work team for a quote.

Blog Image: Empowering Filipino Cyber Security Professionals: A Deep Dive into the CRISC Certification

We aim to make accessing the best learning solutions easy for you and your teams. Lumify has ten fully equipped training campuses (with 90 classrooms) located in key business centres around Australia, New Zealand and the Philippines.

And if time or distance are a challenge, we can train your team on your premises or deliver state-of-the-art remote instructor-led training. Full HD video and audio create a virtual classroom experience and access to our expert instructors through Lumify Anywhere.

For details on cyber security training with Lumify, please explore our website, download our brochure or consult with our team.

Feature Articles

Drive Innovation with IT Service Management Training
11 December 2023
The Multiplier Effect of CISSP Training for Professors and Educators in the Philippines
By Chloe Villanueva | 31 January 2024
Empowering Filipino Cyber Security Professionals: A Deep Dive into the CRISC Certification
By Chloe Villanueva | 6 February 2024
Unleashing the Power of Data Analytics: A Call for Governments and Public Sector Agencies
By Chloe Villanueva | 20 November 2023