Cissp - issmp vs cism & crisc

corpsec

I have recently passed the CISM and seriously considering the CRISC in December and then later doing the ISSMP.

Does anyone know if CISM + CRISC would aid with studying for the ISSMP? I know the CISM would certainly overlap with ISSMP but not quite sure how helpful CRISC or CGEIT would be.

ISSMP Domains:

• Security Leadership and Management
• Security Lifecycle Management
• Security Compliance Management
• Contingency Management
• Law, Ethics, and Incident Management

CISM Domains:
Domain 1—Information Security Governance (24%)
Domain 2—Information Risk Management and Compliance (33%)
Domain 3—Information Security Program Development and Management (25%)
Domain 4—Information Security Incident Management (18%)

CRISC Domains:
Domain 1—Risk Identification, Assessment and Evaluation (31%)
Domain 2—Risk Response (17%)
Domain 3—Risk Monitoring (17%)
Domain 4—Information Systems Control Design and Implementation (17%)
Domain 5—IS Control Monitoring and Maintenance (18%)

CGEIT Domains:
Domain 1: Framework for the Governance of Enterprise IT (25%)
Domain 2: Strategic Management (20%)
Domain 3: Benefits Realization (16%)
Domain 4: Risk Optimization (24%)
Domain 5: Resource Optimization (15%)

sameoj

In my view, I will suggest you go with CISM as this is closely related with ISSMP.

Falasi

I did ISSMP on the same week as CISM , Almost identical concepts beside - at that time - I'd rather study for another exam than wait for CISM magical email :D

Good luck

corpsec

Hey Falasi,

I scored pretty well on my CISM in Jun 2015 670 score, do you think I should rush the ISSMP while it's only been a 5 weeks since the CISM? Or should I finish reading the official ISSMP CBK and then write the ISSMP exam in a month or two?

Falasi wrote: »

I did ISSMP on the same week as CISM , Almost identical concepts beside - at that time - I'd rather study for another exam than wait for CISM magical email :D

Good luck

!nf0s3cure

corpsec wrote: »

I have recently passed the CISM and seriously considering the CRISC in December and then later doing the ISSMP.

Does anyone know if CISM + CRISC would aid with studying for the ISSMP? I know the CISM would certainly overlap with ISSMP but not quite sure how helpful CRISC or CGEIT would be.

ISSMP Domains:

• Security Leadership and Management
• Security Lifecycle Management
• Security Compliance Management
• Contingency Management
• Law, Ethics, and Incident Management

CISM Domains:
Domain 1—Information Security Governance (24%)
Domain 2—Information Risk Management and Compliance (33%)
Domain 3—Information Security Program Development and Management (25%)
Domain 4—Information Security Incident Management (18%)

CRISC Domains:
Domain 1—Risk Identification, Assessment and Evaluation (31%)
Domain 2—Risk Response (17%)
Domain 3—Risk Monitoring (17%)
Domain 4—Information Systems Control Design and Implementation (17%)
Domain 5—IS Control Monitoring and Maintenance (18%)

CGEIT Domains:
Domain 1: Framework for the Governance of Enterprise IT (25%)
Domain 2: Strategic Management (20%)
Domain 3: Benefits Realization (16%)
Domain 4: Risk Optimization (24%)
Domain 5: Resource Optimization (15%)

This is the good thing about ISACA, they quantify the domains. Nothing like that on ISC2.

Falasi

corpsec

I'd Take my time and go through the materials , I hate redoing exams

corpsec

Falasi wrote: »

corpsec

I'd Take my time and go through the materials , I hate redoing exams

Would you recommend doing the CRISC after or before the ISSMP. Are there any overlap?

bubble2005

Falasi wrote: »

I did ISSMP on the same week as CISM , Almost identical concepts beside - at that time - I'd rather study for another exam than wait for CISM magical email :D

Good luck

Is it possible to take the ISSMP exam before having the full 2 year requirement? Does ISC2 offer the same length of time to get the necessary experience for the concentrations (6 years) like with the CISSP?