Period
to 16 October 2021

The following table provides summary statistics for permanent job vacancies with a requirement for CRISC qualifications. Included is a benchmarking guide to the salaries offered over the 6 months to 16 October 2021 with a comparison to the same period in the previous 2 years.

ISACA Certified in Risk and Information Systems Control (CRISC)
UK
6 months to
16 Oct 2021
Same period 2020 Same period 2019
Rank 883 584 850
Rank change year-on-year -299 +266 +42
Permanent jobs citing CRISC 149 101 234
As % of all permanent jobs advertised in the UK 0.12% 0.21% 0.17%
As % of the Qualifications category 0.55% 0.98% 0.73%
Number of salaries quoted 78 83 192
10th Percentile £48,750 £37,500 £38,750
25th Percentile £57,500 £43,750 £51,250
Median annual salary (50th Percentile) £65,000 £60,000 £65,000
Median % change year-on-year +8.33% -7.69% -13.33%
75th Percentile £74,712 £73,125 £87,500
90th Percentile £92,500 £90,750 £114,000
UK excluding London median annual salary £63,750 £52,500 £60,000
% change year-on-year +21.43% -12.50% -7.69%

CRISC is in the Academic Qualifications and Professional Certifications category. The following table is for comparison with the above and provides summary statistics for all permanent job vacancies with a requirement for academic qualifications or professional certifications.

All Academic and Professional Certifications
UK
Permanent vacancies requiring academic qualifications or professional certifications 26,934 10,348 31,838
As % of all permanent IT jobs advertised in the UK 21.62% 21.57% 23.16%
Number of salaries quoted 14,993 7,959 23,671
10th Percentile £31,250 £31,250 £26,750
25th Percentile £40,301 £41,250 £35,000
Median annual salary (50th Percentile) £55,000 £55,000 £50,000
Median % change year-on-year - +10.00% -
75th Percentile £72,500 £71,250 £66,500
90th Percentile £87,500 £87,500 £82,500
UK excluding London median annual salary £48,000 £48,500 £45,000
% change year-on-year -1.03% +7.78% -

CRISC
Job Vacancy Trend

Job postings citing CRISC as a proportion of all IT jobs advertised.

Job vacancy trend for CRISC in the UK

CRISC
Salary Trend

3-month moving average salary quoted in jobs citing CRISC.

Salary trend for CRISC in the UK

CRISC
Salary Histogram

Salary distribution for jobs citing CRISC over the 6 months to 16 October 2021.

Salary histogram for CRISC in the UK

CRISC
Top 13 Job Locations

The table below looks at the demand and provides a guide to the median salaries quoted in IT jobs citing CRISC within the UK over the 6 months to 16 October 2021. The 'Rank Change' column provides an indication of the change in demand within each location based on the same 6 month period last year.

Location Rank Change
on Same Period
Last Year
Matching
Permanent
IT Job Ads
Median Salary
Past 6 Months
Median Salary
% Change
on Same Period
Last Year
Live
Job
Vacancies
England -263 144 £65,000 +8.33% 22
UK excluding London -218 84 £63,750 +21.43% 16
Work from Home -223 55 £65,000 +13.04% 3
South East -123 54 £65,000 +52.94% 4
London -239 50 £65,000 - 8
North of England -139 13 £55,000 - 6
Yorkshire -100 11 £55,000 -8.33% 5
Midlands -125 9 £67,500 +13.92%
West Midlands -97 7 £71,250 +46.91%
East of England - 5 £110,000 - 1
North West -97 2 £47,500 +5.56% 1
Scotland -100 2 - - 1
South West -88 1 - - 3

For the 6 months to 16 October 2021, IT jobs citing CRISC also mentioned the following skills in order of popularity. The figures indicate the absolute number co-occurrences and as a proportion of all permanent job ads with a requirement for CRISC.

1 111 (74.50%) CISM
2 110 (73.83%) CISSP
3 104 (69.80%) Information Security
4 91 (61.07%) CISA
4 91 (61.07%) Risk Management
5 83 (55.70%) Cybersecurity
6 68 (45.64%) ISO/IEC 27001
7 58 (38.93%) Analytical Skills
8 52 (34.90%) Agile Software Development
9 51 (34.23%) Social Skills
10 50 (33.56%) Degree
11 43 (28.86%) Finance
12 42 (28.19%) NIST
13 38 (25.50%) Regulatory Compliance
13 38 (25.50%) Continuous Improvement
14 34 (22.82%) COBIT
15 32 (21.48%) IT Audit
16 29 (19.46%) Internal Audit
17 28 (18.79%) Management Information System
18 26 (17.45%) Firewall
19 24 (16.11%) ITIL
19 24 (16.11%) Stakeholder Management
20 23 (15.44%) SDLC
21 22 (14.77%) OWASP
21 22 (14.77%) CGEIT
22 21 (14.09%) GRC
23 20 (13.42%) ISO/IEC 27002 (supersedes ISO/IEC 17799)
23 20 (13.42%) Sarbanes-Oxley
24 19 (12.75%) Legal
24 19 (12.75%) ITGC

CRISC
Co-occurring IT Skills by Category

The follow tables expand on the table above by listing co-occurrences grouped by category. The same job type, locality and period is covered with up to 20 co-occurrences shown in each of the following categories:

Application Platforms
1 4 (2.68%) IIS
2 2 (1.34%) SharePoint
Applications
1 2 (1.34%) Microsoft Office
1 2 (1.34%) Microsoft PowerPoint
Business Applications
1 1 (0.67%) Distributed Ledger
Cloud Services
1 9 (6.04%) AWS
2 7 (4.70%) Azure
3 4 (2.68%) Cloud Computing
4 3 (2.01%) Microsoft 365
5 2 (1.34%) GCP
6 1 (0.67%) Azure Key Vault
6 1 (0.67%) GitHub
Communications & Networking
1 26 (17.45%) Firewall
2 9 (6.04%) VPN
3 8 (5.37%) GSM
4 5 (3.36%) Network Security
5 4 (2.68%) TCP/IP
6 2 (1.34%) Cisco ASA
7 1 (0.67%) Cisco IPT
7 1 (0.67%) Intrusion Detection
7 1 (0.67%) OpenLDAP
7 1 (0.67%) Wireless
7 1 (0.67%) Wireless Security
Database & Business Intelligence
1 8 (5.37%) MySQL
2 1 (0.67%) SQL Server
2 1 (0.67%) Tableau
Development Applications
1 1 (0.67%) Jenkins
1 1 (0.67%) Sonatype Nexus
General
1 58 (38.93%) Analytical Skills
2 51 (34.23%) Social Skills
3 43 (28.86%) Finance
4 19 (12.75%) Legal
5 17 (11.41%) Presentation Skills
6 16 (10.74%) Inclusion and Diversity
7 9 (6.04%) Retail
8 8 (5.37%) Documentation Skills
9 7 (4.70%) Influencing Skills
10 6 (4.03%) Banking
10 6 (4.03%) Telecoms
11 2 (1.34%) Law
11 2 (1.34%) Organisational Skills
11 2 (1.34%) Pharmaceutical
12 1 (0.67%) Games
12 1 (0.67%) Investment Banking
12 1 (0.67%) Publishing
Job Titles
1 23 (15.44%) Analyst
2 19 (12.75%) Auditor
2 19 (12.75%) IT Auditor
3 16 (10.74%) Security Manager
4 15 (10.07%) Security Analyst
5 13 (8.72%) Risk Analyst
6 12 (8.05%) Information Analyst
7 11 (7.38%) Information Security Analyst
8 9 (6.04%) Information Manager
8 9 (6.04%) Information Officer
8 9 (6.04%) Information Security Manager
8 9 (6.04%) Risk Officer
9 8 (5.37%) Consultant
9 8 (5.37%) IT Manager
9 8 (5.37%) Security Risk Analyst
10 7 (4.70%) Information Risk Analyst
10 7 (4.70%) Senior Analyst
11 6 (4.03%) Information Security Officer
11 6 (4.03%) Security Architect
11 6 (4.03%) Security Officer
Libraries, Frameworks & Software Standards
1 2 (1.34%) REST
1 2 (1.34%) SOAP
2 1 (0.67%) .NET
2 1 (0.67%) .NET Framework
2 1 (0.67%) J2EE
2 1 (0.67%) LDAP
2 1 (0.67%) SailPoint
2 1 (0.67%) SAML
Miscellaneous
1 28 (18.79%) Management Information System
2 18 (12.08%) Cyberthreat
3 8 (5.37%) Self-Motivation
4 7 (4.70%) Data Protection Act
5 3 (2.01%) Cybercrime
5 3 (2.01%) Distributed Denial-of-Service
5 3 (2.01%) Public Cloud
5 3 (2.01%) Reinsurance
5 3 (2.01%) SCADA
6 1 (0.67%) CCTV
6 1 (0.67%) Cyberattack
6 1 (0.67%) Mobile App
6 1 (0.67%) Mobile Computing
6 1 (0.67%) Online Games
6 1 (0.67%) PMI
6 1 (0.67%) Renewable Energy
6 1 (0.67%) Robotics
6 1 (0.67%) Shadow IT
Operating Systems
1 11 (7.38%) Windows
2 9 (6.04%) Linux
3 2 (1.34%) Windows 10
4 1 (0.67%) Android
4 1 (0.67%) Apple iOS
4 1 (0.67%) Unix
Processes & Methodologies
1 104 (69.80%) Information Security
2 91 (61.07%) Risk Management
3 83 (55.70%) Cybersecurity
4 52 (34.90%) Agile Software Development
5 38 (25.50%) Continuous Improvement
5 38 (25.50%) Regulatory Compliance
6 32 (21.48%) IT Audit
7 29 (19.46%) Internal Audit
8 24 (16.11%) ITIL
8 24 (16.11%) Stakeholder Management
9 23 (15.44%) SDLC
10 22 (14.77%) OWASP
11 18 (12.08%) Risk Assessment
11 18 (12.08%) Scaled Agile Framework
12 17 (11.41%) Penetration Testing
12 17 (11.41%) Security Testing
12 17 (11.41%) Vulnerability Management
13 16 (10.74%) ITSM
13 16 (10.74%) Service Management
13 16 (10.74%) Visualisation
Programming Languages
1 8 (5.37%) SQL
2 4 (2.68%) C
3 1 (0.67%) PowerShell
Qualifications
1 111 (74.50%) CISM
2 110 (73.83%) CISSP
3 91 (61.07%) CISA
4 50 (33.56%) Degree
5 22 (14.77%) CGEIT
6 15 (10.07%) CEH
7 11 (7.38%) Cisco Certification
8 9 (6.04%) (ISC)2 CCSP
8 9 (6.04%) Security Cleared
9 7 (4.70%) SSCP
10 6 (4.03%) CCSP
10 6 (4.03%) DV Cleared
11 5 (3.36%) CESG Certified Professional
11 5 (3.36%) FFIEC
11 5 (3.36%) ISO 27001 Lead Auditor
12 4 (2.68%) GIAC
12 4 (2.68%) IISP
12 4 (2.68%) ISO 27001 Lead Implementer
12 4 (2.68%) PCI QSA
13 3 (2.01%) GSNA
Quality Assurance & Compliance
1 68 (45.64%) ISO/IEC 27001
2 42 (28.19%) NIST
3 34 (22.82%) COBIT
4 21 (14.09%) GRC
5 20 (13.42%) ISO/IEC 27002 (supersedes ISO/IEC 17799)
5 20 (13.42%) Sarbanes-Oxley
6 19 (12.75%) ITGC
7 17 (11.41%) Cyber Essentials
7 17 (11.41%) GDPR
8 8 (5.37%) PCI DSS
9 5 (3.36%) SOC 2
10 4 (2.68%) Cyber Essentials PLUS
10 4 (2.68%) ISO 22301
10 4 (2.68%) NIST 800
11 3 (2.01%) Actionable Recommendations
11 3 (2.01%) COSO
11 3 (2.01%) IFRS
11 3 (2.01%) SOC 1
12 2 (1.34%) ISO 31000
13 1 (0.67%) NCSC
System Software
1 4 (2.68%) Active Directory
2 1 (0.67%) Docker
Systems Management
1 6 (4.03%) RSA Archer
2 2 (1.34%) Ansible
2 2 (1.34%) CASB
2 2 (1.34%) Single Sign-On
3 1 (0.67%) FortiGate
3 1 (0.67%) Kubernetes
3 1 (0.67%) Opscode Chef
Vendors
1 12 (8.05%) Microsoft
2 10 (6.71%) Oracle
3 4 (2.68%) Cisco
4 3 (2.01%) Google
5 1 (0.67%) AlienVault
5 1 (0.67%) Alteryx
5 1 (0.67%) CheckPoint
5 1 (0.67%) CyberArk
5 1 (0.67%) Facebook
5 1 (0.67%) McAfee
5 1 (0.67%) Palo Alto
5 1 (0.67%) Splunk
5 1 (0.67%) Symantec