The International Risk Management Certification Board (IRMCB) is an independent Non-Governmental Organization (NGO) accreditation authority that exists to lead and enhance the effective practice of enterprise risk management in conformance with recognized frameworks and standards of best practice such as ISO 31000 and COSO. The scope of IRMCB extends to related integrated risk management systems including:
- Information Security Governance and Management aligned to the ISO/IEC 27001 specification and related ISO standards
- Business Continuity Governance and Management aligned to ISO/IEC 22301 specification and related ISO standards
- Fraud Control Governance and Management aligned to ISO 37001
- Quality Management Systems aligned with ISO 9001:2015
- Service Governance and Management aligned with ISO/IEC 20000
1. To be a significant stakeholder in the decision making process on Enterprise Risk Management and related issues.
- To monitor new regulations and standards
- To detect early issues that can impact our profession
- To propose and co-ordinate positions with member associations on relevant issues
- To issue guidance and position papers
- To maintain interest representation with leading institutions in risk management disciplines
- To establish technical alliances and ad hoc coalitions with other stakeholders
2. To coordinate, promote and support the development and use of enterprise risk management and integrated management systems for information security, business continuity, quality management, service management, and fraud control.
- To promote professional practices and standards through standardized professional development training and certification programs for individuals involved in enterprise risk management systems
- To organize conference, seminars, forums to provide formal education and networking opportunities
- To maintain a two way communication with national associations on development and application of enterprise risk management and related management systems
- To set up surveys and benchmarks to identify and share current practices
- To facilitate the development of new associations
3. To to assure the integrity and validity of standardized professional development training and certification programs for individuals involved in enterprise risk management systems. Certification and validation of competence of individuals involved in governance and management of enterprise risk and related management systems has become an important element of an increasingly mobile and global workforce, underscoring the value of industry-recognized credentials that can be carried across national borders. IRMCB-registered organizations provide IRMCB-standardized training, examination, and certification services for individuals.
- Establishing the minimum baseline requirements necessary to qualify certified professionals managing risk according to well-established best practices of ISO frameworks and standards including ISO 31000, ISO 27001, and ISO 22301.
- Developing, maintaining, and licensing reliable, valid, and current certification preparation curriculum and training to be delivered through authorized training and certification member organizations.
- Developing, maintaining, and licensing reliable, valid, and current certification examinations to be proctored through authorized training and certification member organizations.
- Establishing requirements for the periodic renewal of certification and determining compliance with those requirements.
- Ascertaining that certificants meet ethical standards in their professional practice
- Promoting the benefits of certification to employers, public officials, practitioners in related fields, and the public.
No affiliation with the International Organization of Standardization (ISO)
IRMCB is not affiliated or endorsed by the International Organization for Standardization (ISO). IRMCB is NOT accredited to the ISO 17024 standard.