RIMS-CRMP-FED Examination
The RIMS-CRMP-FED exam is open to anyone who meets the eligibility requirements. The computer-based exam is proctored by Pearson VUE and consists of 170 questions with a three-hour duration. The first part of the exam covers the core RIMS-CRMP and is 120 questions in a two-hour duration. The second part of the exam covers the RIMS-CRMP-FED credential and is 50 questions in one hour.
In order to take the FED portion of the exam, you must pass the core RIMS-CRMP exam first. Please click here to review the RIMS-CRMP Exam Domains.
All RIMS-CRMP-FED candidates must have prior authorization from the RIMS-CRMP Certification Department to take the examination. The candidate must present two forms of ID to the examination proctor and meet all other test security requirements at the
examination location (a list of acceptable forms of identification can be found in the RIMS-CRMP Certification Handbook). Additional details on taking the examination are provided to candidates in the email they receive from the RIMS-CRMP Certification
Department once their application is approved.
Pearson VUE testing centers are located throughout the United States, Canada and around the globe.
RIMS-CRMP-FED Examination Blueprint
DUTIES AND TASKS | % |
I. Understanding the Federal Government Enterprise Risk Management Environment | 40% |
IA. Identify sources of government information and reporting (e.g., GAO, OIG, internal reports) | |
IB. Assess key stakeholders | |
IC. Identify the alignment between Enterprise Risk Management and Internal Controls in the Federal government environment | |
ID. Analyze Federal government Enterprise Risk Management initiatives according to Federal government standards (e.g., OMB, GAO, NIST, etc.) | |
IE. Identify Federal government reporting requirements | |
IF. Distinguish between Federal government reporting requirements | |
Enterprise Risk Management Implementation in the Federal Government | 50% |
IIA. Communicate roles and responsibilities within the Federal agency’s ERM process | |
IIB. Coordinate and work with stakeholders and partners (e.g., oversight bodies, internal, external, public or private sector, Federal, State, Local, Tribal, Territorial, etc. | |
IIC. Engage Federal government risk networks [Communities of Practices (CoP) internal to the organization and external networks such as professional associations or cross-government CoPs] | |
IID. Develop internal communication strategies (top-down, bottom-up and lateral communications) on the Federal agency’s ERM process | |
IIE. Align resources to respond to positive and negative risks within the Federal agency’s risk appetite to achieve desired results | |
IIF. Implement risk controls and other risk management initiatives according to Federal government standards (e.g., OMB, GAO, NIST, etc.) | |
IIG. Integrate the Federal agency’s ERM activities with other core business processes (e.g., strategy, performance, budget, etc.) | |
Enterprise Risk Management Reporting in the Federal Government | 10% |
IIIA. Prepare internal reports according to Federal government reporting requirements | |
IIIB. Prepare external reports according to Federal government reporting requirements |
RIMS-CRMP-FED Reference List
- CFO and PIC (July 29, 2016). Playbook: Enterprise Risk Management for Federal Government. Washington, DC: U.S. Government Printing Office. Updated in 2021 but not yet released.*
- Committee of Sponsoring Organizations of the Treadway Commission (June 2017). Enterprise Risk Management: Integrating with Strategy and Performance.
- Government Accountability Office (Dec. 2016). Enterprise Risk Management: Selecting Agencies’ Experiences Illustrate Good Practices in Managing Risk. (GAO Publication No. 17-63). Washington, DC: U.S. Government Printing Office.*
- HM Treasury. The Orange Book: Management of Risk – Principles and Concepts.
- OMB (July 15, 2016). Circular No. A-123, Management’s Responsibility for Enterprise Risk Management and Internal Control. Washington, DC: U.S. Government Printing Office.*
- OMB Circular No. A-11, Preparation, Submission, and Execution of the Budget. PART 6 – The Federal Performance Framework for Improving Program and Service Delivery.*
- AFERM Federal ERM Areas of Practice Guidance. In development/partly available.* New!
- NISTIR 8286 - Integrating Cybersecurity and Enterprise Risk Management (ERM). (October 2020) New!
- Hardy, Karen. Enterprise Risk Management: A Guide for Government Professionals. Wiley Publishing. New!
- Stanton and Webster. Managing Risk and Performance: A Guide for Government Decision Makers. Wiley Publishing. New!
- Improving Government Decision Making Through Enterprise Risk Management. IBM Center for the Business of Government. New!
*Top 5 most important reference