Certified Identity Risk Manager

Certified Identity and Access Manager (CIAM) is the new name for the Certified Identity Risk Manager (CIRM) professional designation which Identity Management Institute (IMI) administers.

The CIAM designation is designed for experienced professionals who must consider identity risks within their job functions. Such professionals are leaders who contribute to the identity risk management efforts of an enterprise to the extent of their job responsibilities and help their organizations and clients in a variety of ways to reduce and manage identity risks. Such identity risk experts may work within fields such as information security, access administration, audit, physical security, privacy, compliance, fraud, project management, human resources, customer service, operations, risk management or information systems identity management technology.

The collective identity management practices of various groups and professionals throughout an organization strive to ensure that an identity is complete, accurate, valid, approved, readily identified, secured, granted proper logical and physical access, monitored through its lifecycle, and deactivated upon its useful life.

The Certified Identity and Access Manager (CIAM) designation indicates to everyone that the credential holder is not only aware and capable of managing identity risks within his or her job function as well as various programs, but also understands the risks that everyone else is attempting to manage within their job functions and thus collectively help reduce and manage enterprise identity risks in a synergistic manner.

Identity Management Institute has published a program overview and curriculum for the Certified Identity and Access Manager (CIAM) designation. The CIAM overview document defines identity management objectives, points out various business functions with identity management responsibilities and practices, and provides details regarding the CIAM training program and certification process including the Critical Risk Domains (CRD) which highlight the areas of responsibilities.

Critical Risk Domains

The following domains have been identified by IMI as the Critical Risk Domains (CRD) for the CIAM designation:

1. GOVERNANCE & MANAGEMENT
2. INTERNAL CONTROLS
3. TECHNOLOGY MANAGEMENT
4. AWARENESS & TRAINING
5. ACCESS MANAGEMENT
6. RISK ASSESSMENT
7. COMPLIANCE
8. AUDITING & MONITORING
9. COMMUNICATION
10. INCIDENT MANAGEMENT

Application Process

Interested candidates may submit an application which includes a pre-qualifying point system to ensure candidates have the required experience and education, and requires a written statement to assess a candidate’s risk management and communication skills.

To be certified, an applicant must be 1) an IMI member, 2) an identity risk management professional with 60 qualifying points based on experience and education, and 3) submit a written application for assessment.

Visit the CIAM page for additional certification details.