ISACA Updates CDPSE and CRISC Exams to Reflect Latest Risk and Privacy Priorities

To keep pace with the evolving risk and privacy professions, ISACA has updated the exams and review materials for the Certified Data Privacy Solutions Engineer (CDPSE) and Certified in Risk and Information Systems Control (CRISC) credentials.

The updated CDPSE exam will be available on 2 June 2025, and its new exam preparation materials will be available starting 2 April 2025. The updated CRISC exam will be available on 3 November 2025, and its preparation materials will be available starting 3 September 2025.

The three CDPSE domains of privacy governance, privacy architecture and data life cycle management are adjusting and expanding to the following four domains:

Domain 1: Privacy Governance (20 percent)

Domain 2: Privacy Risk Management and Compliance (18 percent)

Domain 3: Data Life Cycle Management (23 percent)

Domain 4: Privacy Engineering (39 percent)

CDPSE is the first experience-based, technical certification of its kind, assessing a technology professional’s ability to implement privacy by design to enable organizations to enhance privacy technology platforms and products that provide benefits to consumers, build trust and advance data privacy. More than 19,000 professionals have earned the CDPSE designation since inception.

The four CRISC domains will remain the same, but the distribution of the exam content will slightly change to the following:

Domain 1: Governance (26 percent)

Domain 2: Risk Assessment (22 percent, compared to 20 percent previously)

Domain 3: Risk Response and Reporting (32 percent)

Domain 4: Technology and Security (20 percent, compared to 22 percent previously)

CRISC is for IT and business professionals – including risk and compliance professionals, business analysts and project managers–who identify and manage risk through the development, implementation and maintenance of appropriate information systems (IS) controls. More than 45,000 professionals have earned the CRISC designation since inception.

“Risk and privacy professionals each have a complex set of responsibilities in their respective roles, which continue to change as technologies and regulations evolve,” says Kim Cohen, Vice President of Credentialing at ISACA. “ISACA is committed to regularly evolving its exam content to most effectively reflect the current and emerging focus areas and realities that come with these jobs.”

Those preparing for the CDPSE exams have a range of study options and can select from print, online, self-paced or instructor-led updated exam preparation resources, including the QAE Database, Review Manual in print and eBook format, and Online Review Course. More information on the CDPSE exam content outline can be found at www.isaca.org/credentialing/cdpse/cdpse-exam-content-outline and in this Changelog. To learn more about CDPSE and to apply for certification, visit www.isaca.org/credentialing/cdpse.

Those preparing for the CRISC exams have a range of study options and can select from print, online, self-paced or instructor-led updated exam preparation resources, including the QAE Database, Review Manual in print and eBook format, and Online Review Course. Several of the exam preparatory materials will be available in Japanese and Spanish in addition to English. The previous exam prep materials will be removed from all channels on 3 September 2025. More information on the CRISC exam content outline can be found at www.isaca.org/credentialing/crisc/crisc-exam-content-outline. For precise launch dates for each language and product, visit this visual timeline. To learn more about CRISC, visit www.isaca.org/credentialing/crisc.

Details on ISACA’s other credentials, focusing on areas such as information security, risk, privacy, governance and emerging technologies, can be found at www.isaca.org/credentialing.

About ISACA

ISACA^® (www.isaca.org) champions the global workforce advancing trust in technology. For more than 55 years, ISACA has empowered its community of 185,000+ members with the knowledge, credentials, training and network they need to thrive in fields like information security, governance, assurance, risk management, data privacy and emerging tech. With a presence in more than 190 countries and with nearly 230 chapters worldwide, ISACA offers resources tailored to every stage of members’ careers—helping them to thrive in a rapidly changing digital landscape, drive trusted innovation and ensure a more secure digital world. Through the ISACA Foundation, ISACA also expands IT and education career pathways, fostering opportunities to grow the next generation of technology professionals.

LinkedIn: www.linkedin.com/company/isaca

Facebook: www.facebook.com/ISACAGlobal

Instagram: www.instagram.com/isacanews/

View source version on businesswire.com: https://www.businesswire.com/news/home/20250408723082/en/

ISACA updates CDPSE and CRISC exams to reflect latest risk and privacy priorities.