Average CRISC Salary in 2018

January 5, 2018 by Infosec


According to ISACA, the Certified in Risk and Information Systems Control (CRISC) certification is the only certification that “prepares and enables IT professionals for the unique challenges of IT and enterprise risk management, and positions them to become strategic partners to the enterprise.”

Because it is the only certification with a business-risk focus, it’s an excellent choice for anyone looking to enter the realm of information system risk management. The CRISC certification is applicable to infosec professionals leading or partnering with any organization, including financial institutions.

According to a study conducted by PayScale, the most important (popularly sought) skill for CRISC holders was security risk management. This was followed closely by security policies and procedures, and then IT security and infrastructure. Internal auditing came next, followed by risk management and control. SOX auditing was listed last.

CRISC-holder salaries range dramatically based on a number of factors, including location, experience level and job role. Let’s take a quick look at some of what you’ll need to know regarding the CRISC salary.

2018 CRISC Median Salary by City

  • Richmond, VA — $144,000
  • Stamford, CT — $130,000
  • Memphis, TN — $124,740
  • San Diego, CA — $121,000
  • Charlotte, NC — $109,000
  • New York City, NY — $100,500
  • Seattle, WA — $95,000

Richmond, VA, topped the list of median salaries with $144,000. San Diego, CA, fell into the middle of the range with $121,000, and Seattle, WA, came in last at $95,000.

2018 CRISC Median Salary by Experience

  • 1-4 years of experience — $88,000
  • 5-9 years of experience — $92,087
  • 10-19 years of experience — $119,047
  • 20 years or more — $149,550

The more years of experience you have, the higher your salary will be. However, experience is only one of the factors that will affect your pay – you’ll also need to account for location and job role.

2018 CRISC Median Salary by Job Role

  • Senior Information Technology Auditor — $92,372
  • Chief Information Security Officer — $202,940
  • Information Security Analyst — $99,480
  • Information Security Manager — $122,474
  • Information Security Officer — $95,986

The highest pay goes to those filling the role of chief information security officer, but as you can see from the information above, CRISC holders have good earning potential in almost any position.

The CRISC is the only certification for IT enterprise risk management professionals and can help you build a rewarding career.


Average Salary for Certification: Certified in Risk and Information Systems Control, PayScale

Posted: January 5, 2018
Articles Author
View Profile

Leave a Reply

Your email address will not be published. Required fields are marked *