Advertisement
Help Keep Boards Alive. Support us by going ad free today. See here: https://subscriptions.boards.ie/.
If we do not hit our goal we will be forced to close the site.

Current status: https://keepboardsalive.com/

Annual subs are best for most impact. If you are still undecided on going Ad Free - you can also donate using the Paypal Donate option. All contribution helps. Thank you.
https://www.boards.ie/group/1878-subscribers-forum

Private Group for paid up members of Boards.ie. Join the club.

CISA / CISM / CISSP - Which certification for moving to ICT Security field?

  • 03-06-2019 12:05PM
    #1
    TestLink
    Registered Users, Registered Users 2 Posts: 886 ✭✭✭


    I have 8 years experience in IT Support + Manual Software testing. Currently preparing for Prince 2 certification. I wish to move to IT management side of things and is interested in ICT Security.

    May I know which one of the following I should go:

    CISA / CISM / CISSP

    Is CISM difficult to attain?
    Tagged:


Comments

  • #2
    horgan_p
    Moderators, Education Moderators Posts: 2,643 Mod ✭✭✭✭horgan_p


    CISSP will need you to show 5 years experience covering at least 2 of the 8 domains.
    So by design it isnt suitable as an intro to IT security.

    I have seen colleagues studying for CISM but I couldnt say how good or bad it is.


  • #3
    TestLink
    Registered Users, Registered Users 2 Posts: 886 ✭✭✭TestLink


    Any idea how difficult is the CISM exam? Would self study be enough?


  • #4
    horgan_p
    Moderators, Education Moderators Posts: 2,643 Mod ✭✭✭✭horgan_p


    Most IT exams can be done using self study , video training and practice exams.
    How long it takes is entirely up to you


  • #5
    TestLink
    Registered Users, Registered Users 2 Posts: 886 ✭✭✭TestLink


    I have IT experience in the following domains:
    Telecom
    Healthcare
    Public Sector
    Non Profit

    Can you suggest an entry level / mid level certification?

    Prefer something that would go along with project management.

    Thanks...


  • #6
    horgan_p
    Moderators, Education Moderators Posts: 2,643 Mod ✭✭✭✭horgan_p


    I think you misunderstand, the domains for CISSP are :
    • Security and Risk Management.
    • Asset Security.
    • Security Architecture and Engineering (includes cryptography)
    • Communications and Network Security.
    • Identity and Access Management.
    • Security Assessment and Testing.
    • Security Operations.
    • Software Development Security.


  • Advertisement
  • #7
    TestLink
    Registered Users, Registered Users 2 Posts: 886 ✭✭✭TestLink


    So is there any thing I could do?


  • #8
    horgan_p
    Moderators, Education Moderators Posts: 2,643 Mod ✭✭✭✭horgan_p


    so in your 8 years experience can you show that you have experience in any of the domains that I listed above ?

    If you want to get into IT security, I'd suggest doing the security+ exam.


    Alternatively - look at job postings for jobs you want. Look at the requirements, there will always be some in common and start there ?


  • #9
    TestLink
    Registered Users, Registered Users 2 Posts: 886 ✭✭✭TestLink


    horgan_p wrote: »
    so in your 8 years experience can you show that you have experience in any of the domains that I listed above ?

    If you want to get into IT security, I'd suggest doing the security+ exam.


    Alternatively - look at job postings for jobs you want. Look at the requirements, there will always be some in common and start there ?

    Thanks...


  • #10
    TestLink
    Registered Users, Registered Users 2 Posts: 886 ✭✭✭TestLink


    TestLink wrote: »
    Thanks...

    I only have intermediate level networking knowledge.

    Would I be able to do SSCP? Or should I go for Comptia Security+?

    Any other certification I could do that deals exclusively with IT Auditing?

    I am not in to pen test and all. So looking for IT audit course + certification.

    Thanks...


Advertisement