Attaining the Cyber Risk Management Certificate
Eligibility Requirements
The only prerequisite to attempting the Cyber Risk Management exam is candidates must create a profile and join the PRMIA network. Start your enrollment by becoming a member to gain valuable access to members-only information, or join the network for free.
Exam Requirements
To receive the Cyber Risk Management Certificate, candidates must pass the single exam with a score of 60% or higher.
Candidates may retake a failed exam by paying a retake fee, but must wait 90 days from the date of the failed exam.
Maintaining your Cyber Risk Management Certification
The only requirement in maintaining your certification is to uphold the highest professional and ethical standards as defined by the PRMIA Standards of Best Practice, Conduct and Ethics.
Exam Exemptions
Completing the Cyber Risk Management Certificate will not yield any exemptions toward the PRM Designation.
Exam Syllabus
Below is a high level overview of the subject matter in each section.
| Section |
Subject Matter |
| A. Introduction & Industry Developments |
Overview of Cyber Risk Management, Recent Developments, and Information Sharing |
| B. Cyber Risk |
Technology Overview, the Threat Landscape, and related Defenses and Control |
| C. ICT Risk Management |
ICT Risk Management Framework including Assessment & Testing and Incident Reporting |
| D. Third-Party Risk Management |
Assessment & Onboarding, Ongoing Monitoring & Oversight, and Exit & Contingency Planning |
| E. Crisis Management |
Preparedness & Prevention, Response & Containment, and Recovery & Learning |
| F. Data and AI |
Data and Data Privacy, Developments in AI, AI & Risk Management, and AI as a Threat |
| G. Emerging Risks |
Horizon Scanning, Managing Emerging Risks, and Examples of Emerging Risks |
| H. Case Studies |
Citibank, FTX, TSB, UK Post Office, and ARUP |
Exam Format
The exam is computer-based. Questions are all multiple choice drawn randomly from the exam data base, according to the syllabus order and weightings. The Cyber Risk Management exam is offered in English only.
PRMIA computer-based method of delivery of the exam allows it to evaluate very specific details about each question administered, including down-to-the-second measurements of how long it takes most candidates to answer each question.
The exam consists of 60 questions, and candidates have two hours to complete it.
Testing Overview
The Cyber Risk Management exam is operated by Pearson with testing centers in more than 180 countries and territories, in secure and monitored testing facilities in approximately 5,500 locations.
Or, you may take your exam through OnVUE online proctoring. A live proctor will monitor you through the webcam on your computer to provide a secure exam experience.
Questions are presented digitally with responses entered directly into the computer. If you are in a Pearson VUE facility, no materials may be brought into the testing room; however, you will be provided with an erasable board upon request. No calculators are needed nor provided.
Once you start the exam you will be introduced to the functionality of the exam. After this has been viewed, you may begin your exam. You will be asked multiple-choice questions with four possible responses. There are no breaks allowed during the exam.
The testing system allows you to mark and review questions as long as time is remaining. Please note that you are unlikely to finish your exam with substantial extra time.
Exam Results
Exams are graded digitally. Results are usually available within 15 business days of your test date and can be accessed by signing in to your PRMIA account and going to the 'Certifications Tab' in your 'PRMIA Profile'.
You will receive an email from Accredible when your digital certification is ready. The email you receive from Accredible will describe in detail how to print and share your certificate via LinkedIn or other social media. See Documentation & Sharing for features.