
CISSP or CISM

  • 07-11-2019 5:44pm
    #1
    Registered Users, Registered Users 2 Posts: 953 ✭✭✭


    Folks,

    I'm interested in learning more about Information Security with a view to completing some certifications.

    Can anyone advise about certification paths to begin with, CISSP or CISM?

    I would like to perhaps move into Security (Management) in the future having worked for many years in management of software development teams.


Comments

  • Moderators, Education Moderators Posts: 2,608 Mod ✭✭✭✭horgan_p


    Hey,


    CISSP will require you to have 5 years of demonstrable experience in IT Security in at least one of the 8 domains.
    Without that experience you will be an associate until you gain the experience.
    CISM (this is something I didn't know until 10 minutes ago):

    4. Work Experience
    Submit verified evidence of a minimum of five years of information security work experience, with a minimum of three years of information security management work experience in three or more of the job practice analysis areas. The work experience must be gained within the 10-year period preceding the application date for certification or within 5 years from the date of originally passing the exam.

    Experience Substitutions
    The following security-related certifications and information systems management experience can be used to satisfy the indicated amount of information security work experience.

    Two Years:

    Certified Information Systems Auditor (CISA) in good standing
    Certified Information Systems Security Professional (CISSP) in good standing
    Post-graduate degree in information security or a related field (e.g., business administration, information systems, information assurance)

    One Year:

    One full year of information systems management experience
    One full year of general security management experience
    Skill-based security certifications (e.g., SANS Global Information Assurance Certification (GIAC), Microsoft Certified Systems Engineer (MCSE), CompTIA Security+, Disaster Recovery Institute Certified Business Continuity Professional (CBCP), ESL IT Security Manager)
    Completion of an information security management program at an institution aligned with the Model Curriculum

    The experience substitutions will not satisfy any portion of the 3-year information security management work experience requirement.

    Exception: Two years as a full-time university instructor teaching the management of information security can be substituted for every 1 year of information security experience.


  • Registered Users, Registered Users 2 Posts: 953 ✭✭✭Neames


    Thanks Horgan_p...

    I've worked in IT in a management role for 15 years...role was mainly in software development but I think I could tick a number of boxes in terms of experience for both CISSP and CISM.

    I may have a chance to get into a management position in the future in Info Security. I suppose my question is which certification to focus on first with a view to taking up a management role?


  • Registered Users, Registered Users 2 Posts: 11,205 ✭✭✭✭hmmm


    CISSP is more widely recognised.

    CISM is a fine certificate for anyone going down the management route, but I'd start with CISSP.

    Both require substantial experience in security.

