CISSP-ISSMP Pass

I passed the ISSMP. I basically took the exam cold; I spent about six to eight hours skimming the old CBK over the last week.

- Know business continuity and disaster recovery.
- Know best practices for incident response management.
- Know ethical practices.
- Have the requisite experience.

I have not taken the CISM, so I have no frame of reference to speak to the comparability. I would assume they are very similar in difficulty.

I felt many of the ISSMP answers were obvious. I have a lot of experience in this area, but even so, this exam does not even belong in the same conversation as the ISSEP in terms of difficulty.

Find more posts tagged with

Comments

zxbane

Congrats!

I am sitting the CISM in June so it would be interesting to hear the comparison between the two. Could you expand on your experience in IA/Security?

Also, I would love to attempt the ISSEP eventually as well, interesting to hear that it is much more difficult. Do you work for the DoD by chance? (I've heard ISSEP is very applicable in the DoD realm)

cyberguypr

Congrats!

kzc

1 year helpdesk
2 years systems administration and engineering
8 years strategic information assurance consulting (including everything from developing custom frameworks to leveraging DIACAP and NIST to assist in implementation)

I have had federal and DoD clients, as well as clients bound by federal and DoD requirements. The ISSEP is extremely applicable, and my studies in it have improved my efficiency with non-federal clients, as well. It was worth it.

If I could ever make ISACA test dates I would have had no use for the ISSMP. Sorry I can't be of more help there. I assume somebody around here has both...

zxbane

Great feedback and thanks for the insight. When you say consulting, I am curious do you have your own business or do you work for a consulting company? Sounds like you have a ton of knowledge and experience under your belt!

I've considered reading the CBK's for the ISSAP and ISSEP even if I don't sit for the exams, just to gain the knowledge

kzc

I do both. I work for a consulting firm on a long-term engagement for job security, but I generally have 2-3 short term (under 3 month) engagements per year independently on the side.

Benchwarmers

Congrats, kzc!! I am also studying for the ISSMP. I have read the ISC2 CBK book and was inquiring about other resources to study before scheduling a date. It sounds like the exam was pretty straight-forward.

colemic

Congrats on the pass, this one is also on my to-do list, hopefully this year.

Munkin

kzc wrote: »

If I could ever make ISACA test dates ...

They really need to offer tests more than twice a year.

Allen

colemic

Munkin wrote: »

They really need to offer tests more than twice a year.

Allen

And all the people said, AMEN!

bubble2005

kzc wrote: »

I passed the ISSMP. I basically took the exam cold; I spent about six to eight hours skimming the old CBK over the last week.

- Know business continuity and disaster recovery.
- Know best practices for incident response management.
- Know ethical practices.
- Have the requisite experience.

I have not taken the CISM, so I have no frame of reference to speak to the comparability. I would assume they are very similar in difficulty.

I felt many of the ISSMP answers were obvious. I have a lot of experience in this area, but even so, this exam does not even belong in the same conversation as the ISSEP in terms of difficulty.

Is it possible to take the ISSMP exam before having the full 2 year requirement? Does ISC2 offer the same length of time to get the necessary experience for the concentrations (6 years) like with the CISSP?

Congrats

Congrats!!

Congrats!

Congrats!