Which certification is better CISA or CRIS? after having CISSP and CISM?

Hi experts
I have CISSP and just passed CISM. Which one is better for career point of view?
Is it CISA or CRISC ? or something else?

Find more posts tagged with

Comments

zxbane

I think it would be whichever one lines up more closely to the actual type of work you do in your current role.

SecMan3000

zxbane wrote: »

I think it would be whichever one lines up more closely to the actual type of work you do in your current role.

+1

If those are equal, I'd say the CISA. It's more well known then the CRISC at this point.

andhow

If you're working with auditors regularly, I'd recommend the CISA. It helps you understand the perspective of the auditors. This is useful when you're designing your security controls (specifically around monitoring and documentation).

On the other hand, the CRISC is useful when discussing risks concepts with the greater IT community. It helps normalize the discussion and provides a framework for managing risk.

GoodBishop

Ah, get em both. That's what I did.

But if I had to choose, the CISA is more well known and more recognized. Even though you hear about the CRISC at the top of the salary surveys, CISA is more useful and practical, and also not far behind the CRISC in the salary surveys.