RIMS-CRMP Exam Information
The RIMS-CRMP exam is open to anyone who meets the eligibility requirements. The computer-based exam is proctored by Pearson VUE and consists of 120 questions with a two-hour duration.
All RIMS-CRMP candidates must have prior authorization from the RIMS-CRMP Certification Department to take the examination. The candidate must present two forms of ID to the examination proctor and meet all other test security requirements at the examination location (a list of acceptable forms of identification can be found in the RIMS-CRMP Certification Handbook). Additional details on taking the examination are provided to candidates in the email they receive from the RIMS-CRMP Certification Department once their application is approved.
Pearson VUE testing centers are located throughout the United States, Canada and around the globe.
Preparing for the Exam
Candidates should decide what they want to read and study based on their knowledge of the risk management discipline. The domains and related reading material listed below can be used to guide your preparation for the examination.
Additionally, candidates may use the RIMS-CRMP Study Guide to prepare.
|%||Domains||Related (Not Required) Reading|
Analyzing the Business Model
|Bookstaber, Richard M., and Bluford H. Putnam. Risk Management: Principles and Practices: Proceedings of the AIMR Seminar “Risk Management”, March 8-9, 1999, Boston, Massachusetts. Charlottesville, VA: Association for Investment Management and Research,
Funston, Frederick, and Stephen Wagner. Surviving and Thriving in Uncertainty: Creating the Risk Intelligent Enterprise. Hoboken, NJ: Wiley, 2010. Print.
Gamble, John, and Arthur A. Thompson. Essentials of Strategic Management: The Quest for Competitive Advantage. New York, NY: McGraw-Hill/Irwin, 2013. Print.
Kaufman, Josh. The Personal MBA: Master the Art of Business. New York, NY: Portfolio/Penguin, 2012. Print.
Sobel, Paul, and Kurt F. Reding. Enterprise Risk Management: Achieving and Sustaining Success. IIA Research Foundation, 2012. Print.
Designing Organizational Risk Strategies
|Lam, James. Enterprise Risk Management: From Incentives to Controls. Hoboken, N.J: Wiley, 2014. Print.
Elliott, Michael, ed. Enterprise Risk Management. 1st ed. The Institutes, 2014. Print.
“RIMS Strategic Risk Management Implementation Guide.” RIMS, 27 Nov. 2012.
Risk Assessment Standard. 2015 ed. Vol. RA.1. Alexandria: ASIS/RIMS, 2015. Print.
ISO 31000:2009 Risk management — Principles and guidelines.
Enterprise Risk Management – Integrating with Strategy and Performance. COSO, 2017.
Implementing the Risk Process
|Chapman, Robert J. Simple Tools and Techniques for Enterprise Risk Management. Chichester, England: Wiley, 2011. Print.
Elliott, Michael W. Risk Management Principles and Practices. Malvern, PA: The Institutes, 2018. Print.
Vance, Beaumont, and Joanna Makomaski. Enterprise Risk Management for Dummies. Hoboken, NJ: Wiley, 2007. Print.
“Orange Book. Management of Risk – Principles and Concepts” - Publications. HM Treasury on Behalf of the Controller of HMSO, 5 Oct. 2004. Web.
Developing Organizational Risk Competency
|Bellman, Geoffrey M. Getting Things Done When You Are Not in Charge. San Francisco: Berrett-Koehler, 2001. Print.
Kotter, John P. Leading Change. Boston, MA: Harvard Business School, 1996. Print. (Hardcover and Kindle, 2012)
Wan, Margaret. Incidental Trainer a Reference Guide for Training Design, Development, and Delivery. Boca Raton: CRC, Taylor & Francis, 2014. Print.
Supporting Decision Making
|Frigo, Mark, and Anderson, Richard. Strategic Risk Management: A Primer for Directors and Management Teams. 1st
ed. 2010. Print.
Salter, Josh. Exploring the Risk Committee Advantage. Rep. Ed. Morgan O’Rourke. RIMS, 2015. Web. (log in to access PDF)
Young, Greg; Hasler, David S. Strategic Finance. Managing Reputational Risk. 92.5 (Nov 2010): 37-46
|Duty and Task||Final % Breakdown on Exam|
|A. Analyzing the Business Model||15%|
|A1. Obtain internal organization information||3%|
|A2. Obtain external information about organization||1%|
|A3. Consolidate organizational information||2%|
|A4. Analyze operations of the organization/due diligence||3%|
|A5. Conduct benchmarking||1%|
|A6. Describe and/or understand organization's value chain||3%|
|A7. Identify organizational uncertainties||2%|
|B. Designing Organizational Risk Strategies||17%|
|B1. Develop risk strategy approach||3%|
|B2. Define organizational risk competency capabilities||2%|
|B3. Define success measures||2%|
|B4. Design risk governance||2%|
|B5. Design implementation plan||2%|
|B6. Develop risk communication strategy||3%|
|B7. Obtain organizational support for risk strategy||3%|
|C. Implementing the Risk Process||35%|
|C1. Identify risks||6%|
|C2. Analyze identified risk||6%|
|C3. Evaluate risk||6%|
|C4. Consult and create risk solutions||6%|
|C5. Monitor risk||5%|
|C6. Advise on risk management (e.g., strategic, enterprise, operational, business area, business initiatives)||6%|
|D. Developing Organizational Risk Competency||16%|
|D1. Deliver risk training||3%|
|D2. Engage organization’s risk network (e.g., safety, security, business continuity, internal audit)||3%|
|D3. Coach organization on the risk process and techniques||3%|
|D4. Continuously improve risk management process||3%|
|D5. Integrate risk management into day-to-day operations||4%|
|E. Supporting Decision-Making||17%|
|E1. Influence risk-based decision-making||8%|
|E2. Facilitate risk discussions||9%|
Authorized Testing Timeframe & Locations
You can select an exam date within your authorized six-month timeframe. The RIMS-CRMP certification exam is offered throughout the year.