- Fei DuAllen Keele, PresidentIssued: May 2, 2024Expires: December 31, 2024hereby certifies thathas successfully met all requirements and is qualified as aCertified ISO 31000 Internal Controls Risk AnalystIn witness whereof, I have subscribed my signature to this certificate #001871.Credential validation ID: 102874222

Fei Du


Allen Keele, President
Issued: May 2, 2024
Expires: December 31, 2024
hereby certifies that
has successfully met all requirements and is qualified as a
Certified ISO 31000
Internal Controls Risk Analyst
In witness whereof, I have subscribed
my signature to this certificate #001871.
Credential validation ID: 102874222
Fei Du
ISO 31000 CICRA is the risk management certification supporting a career in risk management, information security management, or business continuity/disaster recovery management. It is appropriate for all members of the BCMS or ISMS committee. This certification validates competence and understanding for developing and managing a custom risk-management methodology based upon the ISO/IEC Risk Management Frameworks.
Upon completion of this training and certificate program, you will:
✅ Be equipped with knowledge and skills required to develop, manage, monitor, and improve an Enterprise Risk Management System in line with the ISO standards of best practice;
✅ Expand your risk management competency;
✅ Increase your credibility through gaining international recognition; and
✅ Improve your résumé and help to increase your earning potential.
Getting certified is easy. The CICRA™ certification is available to qualified candidates who:
1. Are a member of CIS in good standing. If you are not already an Associate member of the CIS certification student body, you must first become a member to pursue the CICRA credential. Please see www.certifiedinfosec.com/estore/cis-membership/cis-body-of-certified-professionals-detail for further details.
2. Attend the approved course, "CIS Policy Workshop: ISO 31000 Enterprise Risk Management." The course can be attended at live instructor-led sessions (in-person or remote) or online.
3. Pass the online exam RM101. The exam is administered online and can be taken at your convenience at your home or work through the CIS Learning Center, where your progress and score are monitored and recorded centrally. Your exam results are provided to you automatically upon completion of your exam.
4. Submit the required application kit (available at www.certifiedinfosec.com/services/certification-programs/cis-professional-certification-program/certification-kit-brochures-and-applications) to the Certification Department at certification@certifiedinfosec.com. You will officially become certified (certificated) once your exam results and required documentation are validated and approved by the certification committee.
Your certification badge will be processed and emailed to you within 10 business days following the receipt of the required documentation. Certification maintenance and renewal requirements can be viewed at www.certifiedinfosec.com/services/certification-programs.
Skills / Knowledge
- ISO 31000
- Enterprise Risk Management
- Risk Management
- Risk Assessment
- Business Impact Assessment
- Controls Management
- ISO 27005
- Auditing
- Gap Assessment
- GRC
- Governance Risk and Compliance
- Governance, Risk, and Compliance
Issued on
May 2, 2024
Expired on
December 31, 2024