I currently do technical work like application audits, penetration tests etc..I would like to move into risk management but what kind of certifications etc should i do to get into that field. I have already done the CISSP cert.
I have done the CEH cert. That too is again technical… I want to move towards the process and controls side.

You could look into the A+ to Security+ certification track.

There’s also the lesser known CEH certifications as well.