SSCP, CISM or CISSP

PeterHandsPeterHands Member Posts: 86 ■■■□□□□□□□
Hi all,

I have completed the Sec+, CEH and a couple others. Im about to start a new post is Information Security Manager. Im just looking at the next stage and deciding which cert to take.

Any suggestions on either of SSCP, CISM or CISSP??

Thoughts much appreciated
ISC2 CISSP, EC-Council C|CISO, CEH, CompTia Security+

Comments

  • CryptoPunkCryptoPunk Member Posts: 9 ■□□□□□□□□□
    It depends on years of your real world experiences I would say. If you have only 1 year (lets say) of experiences it is useless to take CISM and go for SSCP intead. (just my opinion). Anyway, if you don't have 5 years (or 4 after waiver) of work experiences within 2 domains you can only be ISC2 associate. I think that it is similar with CISM with the need of 5years of managerial experiences.
  • CyberscumCyberscum Member Posts: 795 ■■■■■□□□□□
    CISSP hands down for ROI.
  • Mike7Mike7 Member Posts: 1,112 ■■■■□□□□□□
    CISSP. If you do not have the required years of experience, you can still be Associate of CISSP and have up to 5 years to convert.

    And CISSP gives 2 years waiver off CISM's 5 years experience requirement, which you will be ready to take after a few years of working.
  • PeterHandsPeterHands Member Posts: 86 ■■■□□□□□□□
    I have 7 years experience in InfoSec, but this is my first managerial role
    ISC2 CISSP, EC-Council C|CISO, CEH, CompTia Security+
  • danny069danny069 Member Posts: 1,025 ■■■■□□□□□□
    CISSP then CISM, no SSCP, in that order lol
    I am a Jack of all trades, Master of None
  • TongyTongy Member Posts: 234
    I have followed/am following:

    Security+ ---> SSCP ---> CISM ---> CISSP

    It's probably not the best way, but the CISSP is the "daddy" of Infosec certs (still) - after that who knows!
  • 636-555-3226636-555-3226 Member Posts: 975 ■■■■■□□□□□
    CISSP first, then CISM after you've got some more manager experience under your belt. Skip the SSCP.
  • jt2929jt2929 Member Posts: 244 ■■■□□□□□□□
    Mike7 wrote: »
    CISSP. If you do not have the required years of experience, you can still be Associate of CISSP and have up to 5 years to convert.

    And CISSP gives 2 years waiver off CISM's 5 years experience requirement, which you will be ready to take after a few years of working.

    *Associate of (ISC)2
  • Mike7Mike7 Member Posts: 1,112 ■■■■□□□□□□
    jt2929 wrote: »
    *Associate of (ISC)2
    My bad. icon_sad.gif
    Anyway, link at https://www.isc2.org/how-to-become-an-associate.aspx

    Just curious, how does someone who is an Associate use the title, something like this?

    CISSP (Associate)
  • jt2929jt2929 Member Posts: 244 ■■■□□□□□□□
    Mike7 wrote: »
    My bad. icon_sad.gif
    Anyway, link at https://www.isc2.org/how-to-become-an-associate.aspx

    Just curious, how does someone who is an Associate use the title, something like this?

    CISSP (Associate)

    Nope. Someone who is an Associate should only state that they are an Associate of (ISC)2. They are not allowed to mention CISSP, or any other certification until the endorsement has been received.
  • bpennbpenn Member Posts: 499
    The official title you can use is "Associate of (ISC)² working towards CISSP" if you want to mention the CISSP. At least, that's what it says on my ISC profile
    "If your dreams dont scare you - they ain't big enough" - Life of Dillon
  • TechGuru80TechGuru80 Member Posts: 1,539 ■■■■■■□□□□
    danny069 wrote: »
    CISSP then CISM, no SSCP, in that order lol
    Agreed...if you are already in management, I do not think you will get much value from SSCP.

    For CISM you have to have 5 years of InfoSec plus 3 years InfoSec Management (within the last 10 years or acquire within 5 years from passing). However, CISSP seems to be more in demand and you could get endorsed right away since you have the experience.
  • Mike7Mike7 Member Posts: 1,112 ■■■■□□□□□□
    Suggested study timeline.

    Take CISSP exam by H1 2016.
    Apply for endorsement (from 2 to 6 weeks).
    Join ISACA.
    Register for June CISM exam in April (early bird and member discount)
    Take CISM exam in June.
    Apply for CISM endorsement using CISSP cert for 2 year experience waiver.
    Celebrate!

    Others: read TE forum threads for great exam study material and tips. Contribute to the community.

    At least that is what I did this year . icon_smile.gif
  • danny069danny069 Member Posts: 1,025 ■■■■□□□□□□
    Mike7 wrote: »
    Others: read TE forum threads for great exam study material and tips. Contribute to the community.
    At least that is what I did this year . icon_smile.gif

    So that's what some of your censored C's are icon_wink.gif
    I am a Jack of all trades, Master of None
  • Mike7Mike7 Member Posts: 1,112 ■■■■□□□□□□
    danny069 wrote: »
    So that's what some of your censored C's are icon_wink.gif
    Oops! icon_rolleyes.gif
  • jt2929jt2929 Member Posts: 244 ■■■□□□□□□□
    bpenn wrote: »
    The official title you can use is "Associate of (ISC)² working towards CISSP" if you want to mention the CISSP. At least, that's what it says on my ISC profile

    I'm pretty sure you can't even mention that you are working towards CISSP. I'll have to dig up where I read that. Maybe (ISC)2 changed their policy too.
  • bpennbpenn Member Posts: 499


    This what it says for me when I passed the CISSP but havent been endorsed.
    "If your dreams dont scare you - they ain't big enough" - Life of Dillon
  • TechGuru80TechGuru80 Member Posts: 1,539 ■■■■■■□□□□
    bpenn wrote: »

    This what it says for me when I passed the CISSP but havent been endorsed.
    Yep from my understanding the big issue is claiming you have a "CISSP" instead of saying Associate.
  • Mike7Mike7 Member Posts: 1,112 ■■■■□□□□□□
    TechGuru80 wrote: »
    Yep from my understanding the big issue is claiming you have a "CISSP" instead of saying Associate.
    So in order to get through HR filter, put "Associate of (ISC)2" followed by "leading to CISSP" in smaller fonts.

    Totally legit. And better than "attend CISSP course" or "purchase CISSP book". 😃
  • camerono808camerono808 Member Posts: 18 ■■■□□□□□□□
    LOL at Mike7s post. Go hard on the CISSP, then just take your sweet @$$ time with everything else. Just my 2-cents.
  • jt2929jt2929 Member Posts: 244 ■■■□□□□□□□
    Here is the official guidance for those who become Associates of (ISC)2: https://www.isc2.org/uploadedfiles/(isc)2_public_content/legal_and_policies/logoguidelines.pdf


    "Associates of (ISC)² are NOT certified and may not use any Logo or description other than
    “Associate of (ISC)²”. Under no circumstances may they identify which exam they have
    successfully passed or use any Logo, other than “Associate of (ISC)²”, in any manner. Failure to
    abide by this rule may result in the candidate being prohibited from ever attaining any (ISC)²
    certification."
  • Mike7Mike7 Member Posts: 1,112 ■■■■□□□□□□
    Hmm...
    So to be totally legit and still get through HR filters, put Associate of (ISC)2 under Certifications followed by footnote.

    (ISC)2 is a
    non-profit organization which specializes in information security education and certifications such as the CISSP, CSSLP, CCSP.




    This forum thread has really gone off on a tangent.:) Back to the original question
    PeterHands wrote: »
    Any suggestions on either of SSCP, CISM or CISSP??
    I have 7 years experience in InfoSec, but this is my first managerial role
    PeterHands have sufficient experience for CISSP endorsement. icon_study.gif
    He should do CISSP first followed by CISM.
  • Robertf969Robertf969 Member Posts: 190
    Whats funny is that if you are in the military and in an IAT/IAM 3 position and aren't a CISSP but are a Associate of (ISC)2 it states: Associate of (ISC)2 - CISSP in your profile.
Sign In or Register to comment.