Passed CISA and CISM. What should I take next? CISSP, CRISC, or CGEIT

mallen92

I am leaning on finishing out the ISACA series (CRISC and CGEIT) within the next year, but also have the CISSP in the back of my mind to take. Does anyone have any advice/suggestions? Thanks in advance for the input!

cyberguypr

It depends. What are your career goals?

mallen92

I don't want to go back to audit, I would like to migrate more towards a Information Risk/Compliance career/role.

636-555-3226

Then I guess CRISC is a no-brainer for you. Once you get that the CGEIT should be fairly easy since it kind of touches on all of the other exams. If you'd like to branch into GRC then I'd do all of the ISACA bean-counter series since the "ISACA" way will be so ingrained into your brain. Post that hit up the ISC2 series, starting naturally with the CISSP.