eSkills training and certification are often hard to compare. They may be very specific and focused on the latest technology of one of the hardware or software suppliers, or more generic and providing overview of a field like architecture, business analysis or information security.One solution for this enigma is comparing learning outcomes with the e-competences defined in the e-Competence Framework e-CF and with the ICT Profiles of the CEN Workshop on ICT Skils. This is the core idea of the Certification Profiles listed below.
A Certification Profile contains the core information about an eSkills related certificate and shows which e-competencies match with obtaining the certificate and compares those with the most relevant ICT-profiles.
|Title||Microsoft Certified in Risk and Information Systems Control (CRISC)|
|Description||The Risk and Information Systems Control certificate proves IT professionals to be able to be a strategic partner to the enterprise in managing IT and enterprise risk management.|
- IT professionals in enterprise risk management strategic partners to the enterprise
|Corresponding ICT profiles||
- ICT SECURITY MANAGER
- QUALITY ASSURANCE MANAGER
- Work experience in the field
- Adherence to the Code of Professional, Ethics and the Continual Professional Education Program
- Risk Identification, Assessment and Evaluation (to enable the execution of the enterprise risk management strategy)
- Risk Response (to ensure that risk factors and events are addressed in a cost-effective manner and in line with business objectives)
- Risk Monitoring (to ensure the continued effectiveness of the enterprise\\\'s risk management strategy)
- Information Systems Control Design and Implementation (in alignment with the organization’s risk appetite and tolerance levels)
- Information Systems Control Monitoring and Maintenance (to ensure that they function effectively and efficiently)
|Competence covered with this certificate||Competence from the ICT Profiles|
|e-CF competency||Level||G/P/S||ICT SECURITY MANAGER||QUALITY ASSURANCE MANAGER|
|A.1 IS and Business Strategy Alignment||4||P|
|A.7 Technology Trend Monitoring||4|
|D.1 Information Security Strategy Development||4||P||5|
|D.2 ICT Quality Strategy Development||4||S||4|
|E.3 Risk Management||4||G||3||3|
|E.5 Process Improvement||3|
|E.6 ICT Quality Management||4||S||4|
|E.8 Information Security Management||3||P||4|
|E.9 IS Governance||4||P||4|
Back to list
Any mapping to the e-CF will have to deal with cases where the e-competence at hand, e.g. in a learning outcome, does not fit the description in the e-CF to its full extend. Here we used a grading (G/P/S) such that for e-competency:
For each e-competency the G (General), P (Partial) and S (Superficial) indicate the extend the competency is covered by the certificate:
Someone with this certificate will most likely have the competence.
The content of the requirements for the certificate match with the description of the competence but some parts of the competence are missing (e.g. no evidence of some of the practical skills).
The content of the requirements mentions parts of the competence description, but there is no evidence that obtaining the certificate will show possession of this competence.
The methodology behind the Certification Profiles has been developed during the eSkills Quality study for the European Commission. The final report of this study is available here.