IARCP | CERTIFICATION

Note: Membership is not a prerequisite for obtaining certifications from the association.

Our training and certification programs.

1. Certified Risk and Compliance Management Professional (CRCMP), distance learning and online certification program. You can find the program below on this page.

2. Certified Risk and Compliance Management Professional in Hybrid Risk and Resilience Management - CRCMP(HR²M), distance learning and online certification program. You may visit: https://www.risk-compliance-association.com/CRCMP_HR2M.htm

Note: This is an advanced specialization in Hybrid Risk and Resilience Management, designed exclusively for CRCMPs. Enrollment in the CRCMP(HR²M) program is restricted to professionals who have already passed the CRCMP exam.

3. Certified Information Systems Risk and Compliance Professional (CISRCP), distance learning and online certification program. You may visit: https://www.risk-compliance-association.com/CISRCP_Distance_Learning_and_Certification.htm

4. Certified Risk and Compliance Management Professional in Insurance and Reinsurance CRCMP(Re)I, distance learning and online certification program. You may visit: https://www.risk-compliance-association.com/CRCMP_Re_I.htm

5. Certified Cyber (Governance Risk and Compliance) Professional - CC(GRC)P, distance learning and online certification program. You may visit: https://www.risk-compliance-association.com/CC_GRC_P_Distance_Learning_and_Certification.htm

6. Travel Security Trained Professional (TSecTPro), distance learning and online certification program. You may visit: https://www.risk-compliance-association.com/TSecTPro_Distance_Learning_and_Certification.htm

Certified Risk and Compliance Management Professional (CRCMP), distance learning and online certification program

Note: The Certified Risk and Compliance Management Professional (CRCMP) program is entirely separate from FINRA’s Certified Regulatory and Compliance Professional (CRCP) program. The CRCMP program is not affiliated with or endorsed by FINRA. Each program serves a distinct purpose within the broader field of compliance and risk management and is provided by two independent legal entities with no affiliation to one another.

Overview

The CRCMP has gained significant recognition as a top certification for professionals in risk management and compliance. With CRCMP holders in 57 countries, companies and organizations around the world consider it a preferred certification choice.

Discover more about the demand for CRCMPs at: https://www.risk-compliance-association.com/CRCMP_Jobs_Careers.pdf




Objectives

The program has been designed to equip participants with the skills needed to understand and support regulatory compliance and enterprise-wide risk management. The program also provides with the skills needed to become a Certified Risk and Compliance Management Professional (CRCMP), a certification that provides independent evidence to firms and organizations that you have a quantifiable understanding of the subject matter.

Target Audience

A range of professionals must have a solid foundation in risk and compliance management frameworks, regulatory obligations, internal controls, and corporate governance.

1. Risk Managers and Professionals: The CRCMP program equips them with a comprehensive understanding of risk and compliance frameworks, regulatory obligations, and risk governance. It enhances their ability to align risk management strategies with legal and regulatory expectations across industries. They are better equipped to understand, identify, assess, and manage risks, and integrate risk mitigation strategies into business processes, ensuring alignment with regulatory expectations.

2. Compliance Managers and Professionals: The CRCMP program provides a solid foundation in global compliance frameworks, regulatory requirements, and best practices. It helps professionals design, implement, and monitor effective compliance programs across diverse regulatory environments. They are better equipped to interpret evolving regulations, manage internal controls, and engage confidently with regulators.

3. Internal Auditors: The CRCMP program strengthens internal auditors’ understanding of compliance risks, regulatory frameworks, and control design. It enhances their ability to assess the effectiveness of compliance programs and internal controls across the organization. They are better prepared to identify gaps, recommend improvements, and provide assurance to senior management and the Board.

4. IT and Information Security Professionals: As cyber threats increasingly intersect with regulatory and compliance concerns, these professionals benefit from the CRCMP program’s coverage of cyber risk frameworks, data protection obligations, and IT governance requirements. The CRCMP program empowers them to align security protocols with risk and compliance management strategies and obligations.

5. Legal and Corporate Governance Professionals: The CRCMP program deepens their understanding of regulatory frameworks, risk governance, and compliance obligations across jurisdictions. It supports them in advising on risk exposure, policy development, and regulatory disclosures. They are better equipped to ensure that organizations act within international legal and ethical boundaries and to support the Board and executive management.

6. Finance Managers and Professionals: In heavily regulated sectors like banking, insurance, and investment services, where these professionals must navigate complex regulatory environments, the CRCMP program supports them by deepening their knowledge of global risk and compliance standards and regulatory expectations.

7. Consultants and Advisory Professionals: They can play a vital role in supporting risk and compliance management by bringing expertise, structure, and objectivity to the process. They help companies assess their readiness, identify gaps, and design effective internal control frameworks.

Consultants assist in documenting processes, control narratives, and risk-control matrices, and often support the testing of both design and operating effectiveness of controls. When deficiencies are found, consultants support remediation efforts and help implement sustainable solutions. They also support communication between departments, align risk and compliance management efforts with audit timelines, and assist in preparing documentation for external auditors. In many cases, consultants offer strategic advice on automation, technology integration, and improving overall control efficiency. Ultimately, they help companies maintain a consistent, well-documented, and auditable approach to risk and compliance management.

The CRCMP program gives consultants and advisory professionals a deeper understanding of globally recognized principles in risk management, compliance, internal audit, IT security, legal frameworks, and corporate governance, enabling them to better support clients in meeting international standards and regulatory expectations.

8. Project Managers: They are critical for risk and compliance management. The CRCMP program helps them understand the regulatory and risk landscape impacting cross-functional initiatives, and to integrate compliance and risk requirements into project planning, execution, and reporting. They can better coordinate cross-functional teams, and ensure that all stakeholders stay aligned, informed, and accountable.

9. Service providers: The CRCMP program helps service providers understand the risk and compliance management expectations of their clients, especially in highly regulated industries. It enables them to align their services with regulatory requirements. They enhance their credibility, support client risk management, compliance and audit teams, and reduce the risk of becoming a risk and compliance weak point in the supply chain.


Course Synopsis

Part A: Introduction to governance, risk, compliance, risk management.

Governance and corporate governance.

- Basel Committee, corporate governance principles.
- The OECD (Organization for Economic Cooperation and Development) principles of corporate governance.
- Financial Stability Board (FSB), Thematic Review on Risk Governance.
- FSB, Thematic Review on Corporate Governance.
- FSB, Strengthening Governance Frameworks to Mitigate Misconduct Risk.
- Case studies.

What is risk?

- Risk and uncertainty.
- Risk in the corporate and the military environment.
- Risk response.
- Risk acceptance.
- Risk avoidance.
- Risk transfer, risk sharing.
- Risk mitigation.
- Is risk a good or a bad thing?
- Risk and opportunity, US National Intelligence Strategy.
- Cyber risks.
- Policies, Procedures, Baselines, Guidelines, Ethics.
- Threats and Vulnerabilities.
- Case studies.

Understanding risk management.

- Risk management, and the role of the Chief Risk Officer (CRO).
- Risk management challenges.
- Risk perception, optimism bias, availability bias, control bias, narrative bias.
- Over-optimism, misrepresentation, alarmism, prejudice.
- Risk management in the corporate and the military environment.
- NIST Special Publication 800-30.
- Risk Mitigation Methodology Flowchart.
- Case studies.

Understanding Compliance Management.

- Compliance, and the role of the Chief Compliance Officer (CCO).
- Regulatory reporting.
- Training.
- Enterprise-wide risk and compliance program.
- Compliance and the compliance function in banks, from the Basel Committee.
- Case studies.

Outsourcing and Risk Management.

- Key Risks of Outsourcing.
- Outsourcing and Compliance.


Part B: Sarbanes-Oxley, an international standard.

The need.

- Companies affected.
- American Depository Receipt (ADR) program.
- Employees affected.
- Foreign Private Issuers (FPIs) and Sarbanes-Oxley compliance.
- EDGAR - Electronic Data Gathering, Analysis, and Retrieval system.
- Case Studies.

The Sarbanes-Oxley Act.

- Key sections, what we need to know.
- Board's new responsibilities.
- Management’s testing and documentation.
- Management’s responsibilities.
- Committees and teams.
- Sections 302, 404, 906: The three certifications.
- Sections 302, 404, 906: Examples and case studies.
- The Securities and Exchange Commission (SEC) and the Sarbanes-Oxley Act.
- The PCAOB and the new Auditing Standards: What we need to know.
- Control Deficiency.
- Deficiency in Design.
- Deficiency in Operation.
- Significant Deficiency.
- Material Weakness.

The Scope of the Sarbanes-Oxley Act.

- Software and Spreadsheets after the Sarbanes-Oxley Act.
- Service providers.

E-SOX, the European Sarbanes-Oxley.

- The 8th Company Law Directive of the European Union.
- Ahold, Parmalat and the new rules.
- The “equivalence” of a third country.

J-SOX, the Japanese Sarbanes-Oxley.

- From Enron to Livedoor, Kokudo, Kanebo.
- The Financial Instruments and Exchange Law.
- J-SOX requirements similar to the U.S. Sarbanes-Oxley Act.
- From the Financial Services Agency (FSA) to the Certified Public Accountants and Auditing Oversight Board (CPAAOB), to the Securities and Exchange Surveillance Commission (SESC).


Part C: Basel III – the new international standards in governance, risk, and compliance

- The Bretton Woods Agreement.
- Bankhaus Herstatt.
- The Bank for International Settlements (BIS).
- The Basel Committee on Banking Supervision (BCBS).
- The purposes of the Basel framework.

Basel I, Basel II, Basel III.

- Basel I, the First Basel Capital Accord.
- Basel II, the major amendment.
- Pillar 1: Minimum capital requirements.
- Pillar 2: Supervisory review process.
- Pillar 3: Market discipline.
- Branch office vs. subsidiary.
- Credit risk, market risk, operation risk.
- Operating, Operations, Operational risks.
- Seven Event Types (Loss Categories).
- The 8 business lines.
- Delphi method, exploring the future.
- 5 categories of control breakdowns.

The Basel III amendment.

- The objective of the reform.
- Basel III, sound corporate governance principles.
- A. Board practices.
- B. Senior management.
- C. Risk management and internal controls.
- D. Compensation.
- E. Complex or opaque corporate structures.
- F. Disclosure and transparency.
- The role of the supervisors.


Part D: The Frameworks

COSO Internal Control — Integrated Framework.

- The COSO cube.
- Control Environment.
- Risk Assessment.
- Control Activities.
- Information and Communication.
- Monitoring.
- Effectiveness and Efficiency of Operations.
- Reliability of Financial Reporting.
- Compliance with applicable laws and regulations.

The new COSO Internal Control — Integrated Framework.

- The updated COSO cube.
- Example: Cyber risk and COSO.

COSO Enterprise Risk Management (ERM) Framework.

- The differences between COSO and COSO ERM.
- Components of Enterprise Risk Management.
- The COSO ERM cube.

Is COSO ERM needed for compliance?

- Internal Environment.
- Objective Setting.
- Event Identification.
- Risk Assessment.
- Risk Response.
- Control Activities.
- Information and Communication.
- Monitoring.
- Objectives: Strategic, Operations, Reporting, Compliance.
- ERM, Application Techniques.
- 2017, the updated COSO ERM.
- Enterprise Risk Management and Strategy Selection.


Part E: Designing and implementing a risk and compliance program.

Which is the best program?

- Principles of Effective Compliance Programs, from the US Bureau of Industry and Security.
- Comprehensive compliance programs.
- U.S. Department of Justice, Evaluation of Corporate Compliance Programs.
- The three fundamental questions.
- 1. Is the Corporation’s Compliance Program Well Designed?
- 2. Is the Corporation’s Compliance Program Being Implemented Effectively?
- 3. Does the Corporation’s Compliance Program Work in Practice?


Part F: Artificial Intelligence and Risk Management.

Note: The aim of this section is to provide a solid foundational understanding of the subject. A comprehensive, in-depth analysis would require thousands of pages and is beyond the scope of this program.

Artificial intelligence, machine learning, synthetic data.

- AI, machine learning, and risk.
- AI, prevention, detection and response.
- The case study from Morgan Stanley.
- AI, disinformation, deep fakes, sock puppets, social bots, cyborgs, micro-targeting.

The Artificial Intelligence Act of the EU.

- The Framework for AI Cybersecurity Practices (FAICP framework), from the European Union Agency for Cybersecurity.
- Layer I (cybersecurity foundations).
- Layer II (AI-specific).
- Layer III (Sectoral AI).

The NIST framework: Artificial Intelligence Risk Management Framework (AI RMF 1.0).

- Part 1: Foundational Information.
- Part 2: Core and Profiles.
- AI RMF Profiles.

Closing remarks.


Become a Certified Risk and Compliance Management Professional (CRCMP)

We will send the program up to 24 hours after the payment. Please remember to check your spam or junk folder, as emails with attachments may occasionally be filtered there.

You are entitled to a full refund within 60 days of your payment. If you decide not to proceed with any of our programs or services for any reason, simply send us an email — we’ll process your refund with no questions asked.

Payments are processed by our strategic partner and service provider, Cyber Risk GmbH (Dammstrasse 16, 8810 Horgen, Switzerland, registered in the Commercial Register of the Canton of Zürich, Company Number: CHE-244.099.341).

The all-inclusive price is $297 (one time fee). There is no additional cost, now or in the future, for this program.


First option: You can purchase the Certified Risk and Compliance Management Professional (CRCMP) program with VISA, MASTERCARD, AMEX, Apple Pay, Google Pay etc.

Purchase the CRCMP program here (VISA, MASTERCARD, AMEX, Apple Pay, Google Pay etc.)




Second option: QR code payment.

i. Open the camera app or the QR app on your phone.

ii. Scan the QR code and possibly wait for a few seconds.

iii. Click on the link that appears, open your browser, and make the payment.




Third option: You can purchase the Certified Risk and Compliance Management Professional (CRCMP) program with PayPal



What is included in the program:

A. The official presentations (2028 slides, delivered as downloadable PDF files)

The presentations are designed to support both online and offline study, offering maximum flexibility for busy professionals. Whether you prefer to learn at your desk, on the go, or without an internet connection, the presentations are readily accessible and designed to adapt seamlessly to your individual schedule and learning preferences.

You have complete control over your learning experience, allowing you to progress at your own pace. You can move quickly through topics you’re already familiar with and dedicate more time to areas that require deeper understanding. This self-paced approach ensures efficient, focused learning that fits seamlessly into your professional and personal commitments, with no deadlines, no pressure, no expiration date, and no time limit to complete the program.

B. Up to 3 online exam attempts per year

To earn the Certified Risk and Compliance Management Professional (CRCMP) designation, candidates are required to pass a single certification exam. If a candidate does not pass on the first attempt, they are encouraged to review the official training presentations and retake the exam.

Each candidate is permitted up to three exam attempts within a 12-month period, starting from the date of the first attempt.
- If the first attempt is unsuccessful, a second attempt is allowed using the same exam credentials.
- If the second attempt is also unsuccessful, a third attempt is permitted, again using the same credentials.
- If the candidate does not achieve a passing score after the third attempt, they must wait one year before retaking the exam. New exam credentials will be issued at that time.

There is no additional cost for any additional exam attempt.

To learn more, you may visit:

https://www.risk-compliance-association.com/Questions_About_The_Certification_And_The_Exams_1.pdf

https://www.risk-compliance-association.com/CRCMP_Certification_Steps_1.pdf

C. The Certificate, with a scannable QR code for verification.

You will receive your certificate via email in Adobe Acrobat (PDF) format within 7 business days of passing the exam. Each certificate includes a scannable QR code for verification. For the purposes of this policy, business days are Monday through Friday, excluding weekends and public holidays.

Certified Risk and Compliance Management Professional (CRCMP)

D. One web page of the International Association of Risk and Compliance Professionals (IARCP) dedicated to you (risk-compliance-association.com/Your_Name.htm).

When third parties scan the QR code on your certificate, they will be directed to your dedicated page on the International Association of Risk and Compliance Professionals (IARCP) website. Here, they can verify that you are a certified professional and confirm the validity and legitimacy of your certificates.

On this dedicated web page, we will display your name, the certificates you have received from us, images of your certificates, and, if applicable, a picture of your lifetime membership certificate.

This is an example:

https://www.risk-compliance-association.com/John_Anderson.htm

Professional certificates are among the most commonly falsified documents. Employers and third parties need a quick and reliable way to verify their authenticity. QR code verification provides an effective and efficient solution to this need.

Frequently Asked Questions

1. I want to learn more about the International Association of Risk and Compliance Professionals (IARCP).

The IARCP is a global community of risk and compliance management experts who explore career avenues and acquire lifelong skills.

The IARCP is wholly owned by Compliance LLC, a company incorporated in Wilmington, NC, with offices in Washington, DC. Compliance LLC provides risk and compliance training and certification in 57 countries.

Several business units of Compliance LLC operate as successful associations, offering membership, weekly or monthly updates, training, certification, interest representation, and other services to their members. The business units of Compliance LLC include:

- The Sarbanes-Oxley Compliance Professionals Association (SOXCPA), the largest Association of Sarbanes-Oxley professionals in the world. You may visit: https://www.sarbanes-oxley-association.com

- The Basel iii Compliance Professionals Association (BiiiCPA), the largest association of Basel iii Professionals in the world. You may visit: https://www.basel-iii-association.com

- The Solvency II Association, the largest association of Solvency II professionals in the world. You may visit: https://www.solvency-ii-association.com

The Certified Risk and Compliance Management Professional (CRCMP) certificate has become one of the most recognized certificates in risk management and compliance. There are CRCMPs in 57 countries. Companies and organizations around the world consider the CRCMP a preferred certificate.

You can find more about the demand for CRCMPs at: https://www.risk-compliance-association.com/CRCMP_Jobs_Careers.pdf


CRCMP

2. What types of training does the association offer?

The IARCP provides distance learning and online certification programs globally, along with in-house, instructor-led training programs for companies and organizations in many countries.

A. Distance learning and online certification programs.

1. Certified Risk and Compliance Management Professional (CRCMP). To learn more, you may visit: https://www.risk-compliance-association.com/Distance_Learning_and_Certification.htm

2. Certified Risk and Compliance Management Professional in Hybrid Risk and Resilience Management - CRCMP(HR²M). To learn more, you may visit: https://www.risk-compliance-association.com/CRCMP_HR2M.htm

3. Certified Information Systems Risk and Compliance Professional (CISRCP). To learn more, you may visit: https://www.risk-compliance-association.com/CISRCP_Distance_Learning_and_Certification.htm

4. Certified Risk and Compliance Management Professional in Insurance and Reinsurance CRCMP(Re)I. To learn more, you may visit: https://www.risk-compliance-association.com/CRCMP_Re_I.htm

5. Certified Cyber (Governance Risk and Compliance) Professional CC(GRC)P. To learn more, you may visit: https://www.risk-compliance-association.com/CC_GRC_P_Distance_Learning_and_Certification.htm

6. Travel Security Trained Professional (TSecTPro). To learn more, you may visit: https://www.risk-compliance-association.com/TSecTPro_Distance_Learning_and_Certification.htm

B. Instructor-led training.

The association develops and maintains five certification programs and numerous customized training programs for directors, executive managers, risk and compliance managers, internal and external auditors, data owners, process owners, consultants, suppliers, and service providers.

For instructor-led training, you may contact Lyn Spooner at: lyn@risk-compliance-association.com

3. Is there any discount available for the distance learning programs?

To keep our programs as affordable as possible for all members, we do not offer a discount on the first program. However, you will receive a $100 discount on your second and every subsequent program.

For example, after purchasing the Certified Risk and Compliance Management Professional (CRCMP) program for $297, you are eligible for exclusive discounts on additional programs, including:

1. The Certified Information Systems Risk and Compliance Professional (CISRCP) program for $197 (regular price: $297).

2. The Certified Cyber (Governance Risk and Compliance) Professional - CC(GRC)P program for $197 (regular price: $297).

3. The Certified Risk and Compliance Management Professional in Insurance and Reinsurance - CRCMP(Re)I program for $197 (regular price: $297).

4. The Travel Security Trained Professional (TSecTPro) program for $197 (regular price: $297).

When you purchase the Certified Cyber (Governance, Risk, and Compliance) Professional – CC(GRC)P program, you’ll receive a 50% discount on the Travel Security Trained Professional (TSecTPro) program. The all-inclusive cost is reduced to $148 (regular price: $297).

Please note that the standard $100 discount, which is normally applied to a participant’s second and subsequent programs, does not apply in the CRCMP(HR²M) program. This policy reflects the unique nature, development effort, and specialized content of it.

Lifetime members are entitled to a 50% discount on the CRCMP(HR²M) program too. This benefit applies in the same way as for all our other programs, ensuring that lifetime members continue to receive half off the regular program fee. Please note that no additional discounts or exceptions apply to the CRCMP(HR²M) program for any reason.

Cyber Risk GmbH (Dammstrasse 16, 8810 Horgen, Switzerland, CHE-244.099.341), acting as a strategic partner and authorized service provider of the International Association of Risk and Compliance Professionals (IARCP), extends a $100 discount on each of the online training programs listed below to individuals who have previously enrolled in any online training program offered by the IARCP. This special offer is designed to support your continued growth and professional development.

1. NIS 2 Directive Trained Professional (NIS2DTP)

2. Digital Operational Resilience Act Trained Professional (DORATPro)

3. Critical Entities Resilience Directive Trained Professional (CERDTPro)

4. Data Act Trained Professional (DataActTPro)

5. Data Governance Act Trained Professional (DatGovActTP)

6. European Chips Act Trained Professional (EChipsActTPro)

7. Digital Services Act Trained Professional (DiSeActTPro)

8. Digital Markets Act Trained Professional (DiMaActTPro)

9. Artificial Intelligence Act Trained Professional (AIActTPro)

To receive the URL for the discounted rate, please email us with the subject line: "Request for Discounted Program URL."

In the email, please let us know:

a. Which was the name and email address of the person or legal entity that had purchased the program from the International Association of Risk and Compliance Professionals (IARCP).

b. Which is the program you want to purchase now at $197 instead of $297.

You will receive the URL for the discounted price for your second and subsequent programs within 48 hours (business days).

4. Are your training and certification programs vendor neutral?

Yes, absolutely. All of our training and certification programs are completely vendor-neutral. This means we do not promote or rely on any specific tools, products, or service providers. Instead, we focus on universally applicable concepts, frameworks, and best practices that are recognized across the industry. Our goal is to provide participants with knowledge and skills that are transferable to any organization or environment, regardless of the technologies or vendors they use. By staying independent from vendors, we ensure that our programs remain objective, practical, and relevant to a wide range of roles and sectors.

5. Are there any entry requirements or prerequisites required for enrolling in the training programs?

There are no entry requirements or prerequisites for enrollment in our programs. We believe that learning should be accessible to everyone, regardless of their background, academic credentials, or professional experience. In contrast to providers that set stringent prerequisites or entry barriers, our approach prioritizes accessibility and openness. We do not believe that the opportunity to learn and grow should be limited by prior qualifications. Whether you're just beginning your career, changing paths, or expanding your expertise, our programs are designed to support individuals at all levels. Each course provides a clear and structured learning path, allowing individuals at all levels to gain valuable insights, and build practical skills. Our approach empowers motivated learners from different industries and career stages to gain value and opportunity from the program.

There is one exception. The CRCMP(HR²M) advanced specialization program is available exclusively to those who have already passed the Certified Risk and Compliance Management Professional (CRCMP) exam. It builds on the solid foundation of the CRCMP designation and equips participants with cutting-edge knowledge to understand, identify, assess, and effectively manage complex hybrid risks.

6. I want to learn more about the exam.

You can take the exam online from your home or office, in all countries.

It is an open book exam. Risk and compliance management is something you must understand and learn, not memorize. You must acquire knowledge and skills, not commit something to memory.

You will be given 90 minutes to complete a 35-question exam. You must score 70% or higher.

The exam contains only questions that have been clearly answered in the official presentations.

All exam questions are multiple-choice, composed of two parts:

a. A stem (a question asked, or an incomplete statement to be completed).

b. Four possible responses.

In multiple-choice questions, you must not look for a correct answer, you must look for the best answer. Cross out all the answers you know are incorrect, then focus on the remaining ones. Which is the best answer? With this approach, you save time, and you greatly increase the likelihood of selecting the correct answer.

TIME LIMIT - This exam has a 90-minute time limit. You must complete this exam within this time limit, otherwise the result will be marked as an unsuccessful attempt.

BACK BUTTON - When taking this exam you are NOT permitted to move backwards to review/change prior answers. Your browser back button will refresh the current page instead of moving backward.

RESTART/RESUME – You CANNOT stop and then resume the exam. If you stop taking this exam by closing your browser, your answers will be lost, and the result will be marked as an unsuccessful attempt.

SKIP - You CANNOT skip answering questions while taking this exam. You must answer all the questions in the order the questions are presented.

We do not send sample questions or past exams. If you study the presentations, you can score 100%.

a. When you are ready to take the CRCMP exam, you must follow the steps: https://www.risk-compliance-association.com/CRCMP_Certification_Steps_1.pdf

b. When you are ready to take the CRCMP(HR²M) exam, you must follow the steps: https://www.risk-compliance-association.com/CRCMP_HR2M_Certification_Steps_1.pdf

c. When you are ready to take the CISRCP exam, you must follow the steps: https://www.risk-compliance-association.com/CISRCP_Certification_Steps_1.pdf

d. When you are ready to take the CRCMP(Re)I exam, you must follow the steps: https://www.risk-compliance-association.com/CRCMP_Re_I_Certification_Steps.pdf

e. When you are ready to take the CC(GRC)P exam, you must follow the steps: https://www.risk-compliance-association.com/CC_GRC_P_Certification_Steps_1.pdf

f. When you are ready to take the TSecTPro exam, you must follow the steps: https://www.risk-compliance-association.com/TSecTPro_Certification_Steps_1.pdf

7. How comprehensive are the presentations? Are they just bullet points?

The presentations are not collections of bullet points, they are thoughtfully structured, in-depth learning materials designed to provide clear explanations, context, and real-world relevance. Unlike slide decks that rely on brief summaries, our presentations guide you through each concept in a comprehensive and engaging manner. They are highly effective for both online and offline study, making them ideal for professionals who value substance and flexibility in their learning experience.

8. Do I need to buy books to pass the exam?

No. If you study the presentations, you can pass the exam. All the exam questions are clearly answered in the presentations. If you fail the first time, you must study more. You can:

- Highlight key terms and sections to help you focus during review.
- Add digital sticky notes (just like Post-it notes) anywhere in the document to remind yourself where specific answers or explanations are.
- Underline or circle text using freehand drawing tools.
- Add bookmarks to easily navigate to important sections.
- Search each document using keywords to quickly find what you need.

9. Is it an open book exam? Why?

Yes, it is an open book exam. Risk and compliance management is a field that requires deep understanding, critical thinking, and the ability to apply principles in real-world situations, not simply the ability to memorize facts. The goal of our certification programs is to help you build lasting knowledge and practical skills that you can confidently use in your professional role.

In real-life scenarios, risk and compliance professionals have access to regulations, frameworks, and reference materials, and are expected to use them thoughtfully. Our open book exam reflects this reality by assessing your comprehension and ability to apply what you've learned, rather than testing your memory.

10. Do I have to take the exam soon after receiving the presentations?

No, there is no fixed exam date. You may take the exam at any time that suits you within four (4) years from the date of your payment. Your access to the training materials, including any future updates, will remain available to you at no additional cost during this four-year period.

The Association reserves the right to amend the General Terms and Conditions (GTC) at any time. Any changes will become effective upon publication on the website of the Association and will apply exclusively to training programs purchased after the date of modification.

For our distance learning and online certification programs, the General Terms and Conditions (GTC) in effect at the time of purchase shall apply for a period of four (4) years from the date of payment. After the expiry of this four-year period, the participant’s access to the program and the right to take the exam shall expire. Any future participation in the program shall require a new enrollment and will be subject to the General Terms and Conditions in force at that time.

The Association may, at its sole discretion, extend the four-year period for individual participants or for a group of participants. Such an extension is a voluntary option of the Association and shall not create any obligation, entitlement, or precedent for future cases.

11. Do I have to spend more money in the future to remain certified?

No. Your certificate is issued with lifetime validity and does not expire. There are no renewal fees, no hidden costs, and no requirement to retake the exam in the future. Once certified, you remain certified.

12. Ok, the certificate never expires, but what about changes in the field?

Things do change. While many organizations introduce mandatory recertification as a recurring revenue stream, we’ve taken a different approach. Although we were advised to "introduce multiple recurring revenue streams to keep business flowing", we made a conscious decision to prioritize long-term value for our members over short-term profit. That’s why no recertification is required for our programs.

Instead, we are committed to keeping you informed and up to date, at no cost. We invite you to visit the Association’s Reading Room each week and explore our newsletter, where you’ll find valuable insights, regulatory updates, timely alerts, and new opportunities. This ongoing access ensures you remain current and well-informed in a dynamic and constantly evolving field.

13. How many hours do I need to study to pass the exam?

To ensure you have learned the details, you should study the presentations at least twice. The average time required is:

- 37 hours for the CRCMP program,
- 44 hours for the CRCMP(HR²M) program,
- 28 hours for the CISRCP program,
- 32 hours for the CC(GRC)P program,
- 34 hours for the CRCMP(Re)I program, and
- 12 hours for the TSecTPro program.

This is the average time needed. There are important differences among members.

14. I would like to receive a printed certificate. Can you send me one?

Unfortunately, we do not issue printed certificates. Instead, you will receive your official certificate via email in Adobe Acrobat (PDF) format, which includes a scannable QR code for instant verification. Certificates are issued within 7 business days after you pass the exam. Please note that business days refer to Monday through Friday, excluding weekends and public holidays.

To ensure authenticity and transparency, the association creates a dedicated web page for each certified professional (risk-compliance-association.com/Your_Name.html). This page will include your full name, a list of all certificates you have earned from the association, and images of your certificates.

When a third party scans the QR code on your certificate, they are directed to your personalized verification page. This allows employers, clients, and other stakeholders to easily confirm that your certification is valid, current, and legitimately issued.

Professional certificates are among the most frequently falsified documents. Providing a secure, scannable QR code with direct access to official verification offers a fast, reliable, and efficient solution. You may also print your certificate from the PDF file at any time, with the embedded QR code ensuring instant and reliable validation.

15. What is the refund policy?

The association maintains a clear and customer-friendly refund policy. You are entitled to request a full refund within 60 days of your payment, no questions asked. If, for any reason, you decide that one of our programs or services is not right for you, simply send us an email within this 60-day window.

Once we receive your request, we will process your refund within one business day. There are no forms to fill out, no explanations required, and no delays. Our goal is to provide a risk-free and stress-free experience.

16. Why should I get certified, and why should I choose your certification programs?

1. Global Recognition: The Certified Risk and Compliance Management Professional (CRCMP) designation has become one of the most widely recognized certifications in risk management and compliance. CRCMP-certified professionals live and work in 57 countries, and organizations worldwide recognize the CRCMP as a preferred and trusted credential in risk and compliance management. To learn more about the demand for CRCMP holders, please refer to: https://www.risk-compliance-association.com/CRCMP_Jobs_Careers.pdf

2. Flexible and Convenient Learning: Our training programs are designed with flexibility in mind. Participants can access course materials and complete the certification exam anytime, from anywhere. This is especially beneficial for professionals with demanding schedules who need to learn at their own pace.

3. Affordable, All-Inclusive Pricing: Each program is offered at a low, all-inclusive price. There are no hidden fees or additional costs, now or in the future, for any reason.

4. Discounts on Additional Programs: When you enroll in a second program, you receive a $100 discount. This means the all-inclusive cost for your second (and every additional) program is $197 (compared to the regular price of $297). There are no hidden fees or recurring charges. This discount is our way of supporting your continued professional development. Please note that the standard $100 discount, which is normally applied to a participant’s second and subsequent programs, does not apply in the CRCMP(HR²M) program.

5. Multiple Exam Attempts Included: Each program includes up to three exam attempts per year at no additional cost, as outlined above.

6. No Recertification Required: Your certificates are issued with lifetime validity. No recertification is required, and your credentials will not expire.

7. Potential for Career Advancement and Industry Recognition: There is a clear and growing demand for qualified professionals in risk and compliance management. Certified individuals are often recognized by employers, may enjoy broader career opportunities, and may be preferred for promotions or new roles. Earning a professional certification demonstrates your commitment to continuous learning and your active engagement in a global community of experts.

However, it’s important to note that no certificate, regardless of its reputation, can guarantee a new or better job. Career advancement depends on many factors, including supply and demand, market conditions, and timing. Certification is a valuable asset, but it is only one part of a larger professional development journey.

8. The fit and proper requirement in regulations: Firms and organizations hire and promote fit and proper professionals who can provide evidence that they are qualified. Employers need assurance that managers and employees have the knowledge and skills needed to mitigate risks and accept responsibility. Supervisors and auditors ask for independent evidence that professionals are qualified, and that controls can operate as designed, because the persons responsible for these controls have the necessary knowledge and experience.

9. Increased Earning Potential: Professionals who invest in gaining new skills and recognized certifications may become eligible for higher-paying roles. Training and ongoing professional development may significantly enhance your earning potential and contribute to long-term career success. However, it’s important to understand that increased earnings are not guaranteed. Compensation and career advancement depend on various factors. Certification is a valuable tool, but not a guarantee on your path to career growth.

IARCP, some of our clients