Skip Ribbon Commands
Skip to main content
The RIMS-CRMP is awarded for a period of two years. Recertification activities must occur during the valid two-year recertification period. Professional Development activities are not retroactive.

To qualify for recertification, one must achieve the continuing education requirements described below. RIMS-CRMP holders must also agree to uphold the Code of Ethics.

Point Requirement

50 points must be earned within the recertification cycle (two year period), with one point equal to one hour of professional development activity. 

  • Of the 50 points, 35 of them must be obtained in Continuing Education. 

Continuing Education Options

​Atten​​dance at a conference, workshop, seminar that is dedicated to advancing risk management technical knowledge​ 1pt/ session hour; 1 session hour  = 60 minutes​
​Attendance at a formal meeting of an external organization that contains educational risk management technical knowledge ​1pt/ session hour; 1 session hour = 60 minutes
​Speak or present at a conference, workshop, lecture or seminar on risk management technical knowledge ​2pt/ session hour
​Speak or present at a CE approved conference, workshop, lecture or seminar on risk management technical knowledge ​3pt/ session hour
​Develop a company-supported educational workshop or seminar on risk management technical knowledge ​5pt/ per program
​Manage or participate in the installation or implementation (or audit) of an ERM program.  Modifications or revisions of the ERM program are not accepted under this requirement. ​10 pts/ per program
​Successful completion of a post-secondary accredited institution 3 credit course focused on risk management technical knowledge ​15 pts/credit (per course completed)
​Participation in the Spencer Risk Manager in Residence Program ​15 pts (limit 1 per certification period)
​Teaching a risk management course at a post-secondary accredited institution ​10 pts per credit hour; maximum 30 points per certification period
​Earning or maintaining an industry related certification that is accredited by ISO/IEC 17024, or the NCCA, or has eligibility requirements, a criterion-referenced exam, and recertification requirements OR earn or maintain a related professional license. ​5 points total

Note: All attendance at conferences, workshops, or seminars may be completed in person or online.

Authoring Publications 

Content must include risk management technical knowledge.

  1. 1 textbook = 15 points if written during the certification cycle
  2. 1 published article = 5 points (certified person an author or co-author)
  3. 1 point per contribution; up to 5 points awarded for industry video-blogs or blogs or contributions to newsletter articles or published interviews

Standards Development 

15 points; must be involved in the development in a standards committee, council, technical committee or work group.


Maximum 5 points awarded per recertification cycle
1 point per year of participation: participating in a leadership position on a risk management technical knowledge governing body at the international, national, regional, local or chapter level, with full participation; must include involvement in special projects such as strategic planning, governance, conflict resolution, positioning organizations strategically, etc.

Certification Development Activities 

5 points per year of service; service restricted to job task analysis (JTA) meetings, item-writing and review, passing score study meeting. 

Code of Ethics

The Code of Ethics of the Certification Commission requires certified persons to uphold the rules and requirements of the certified risk management professional that allows for the proper discharge of their responsibilities to those served, protect the integrity of the credential and safeguard the public’s trust.   Agreement to uphold and abide by the Code of Ethics is a requirement for earning and maintaining certification.  Implicit in this agreement is an obligation not only to comply with the mandates and requirements of all applicable laws and regulations, but to act in an ethical manner in all professional services and activities.  Certified persons who fail to comply with the Code of Ethics are subject to disciplinary procedures which may result in sanctions.  The Code of Ethics are not set forth to determine behaviors resulting in criminal or civil liability, nor are they intended to resolve matters of market competition.

As a certified risk management professional, I agree to uphold and abide by the follow tenets:
  1. Perform professional duties in accordance with the laws and with integrity.
  2. Perform professional duties in a competent and ethical manner.
  3. Avoid acts or omissions amounting to unprofessional conduct.
  4. Avoid malicious conduct that would injure the professional reputation or practice of others.
  5. Provide complete and accurate information when applying for certification and recertification.
  6. Refrain from personal behavior that may compromise the integrity of the credential.
  7. Disclose any felony convictions.
  8. Abide and uphold the policies of the Certification Commission.
  9. Safeguard confidential and privileged information and exercise due care to prevent its improper disclosure.
  10. Maintain competency requirements through recertification.
  11. Use the logo and certification marks only in an authorized and approved manner.
  12. Pay all fees and provide information required by the Certification Commission.​

Risk management technical knowledge includes, but is not limited to:

  • ​​Actuarial
  • Business continuity and crisis management
  • Business ethics
  • Captive operations
  • Claims management
  • Compliance 
  • Emergency response/management
  • Environmental management
  • Enterprise risk management​​
  • Financial risk management​
  • Healthcare risk management
  • Information technology risk management
  • Cyber security risk management
  • Insurance management
  • Operational risk management
  • Privacy management
  • Project risk management
  • Quality risk management
  • Risk assurance management
  • Safety and loss control
  • Security management
  • Strategic risk management
  • Supply chain risk management

  • Questions? Contact ​​​​​​​​​​​​​​​​​​​​​​​​​​​​​​​​​​​​​​​​​​​​​​​​​​​