Hi!
I sat-and-passed the CISSP in December 2014 and the CISA in December 2015 (top 20%) and then thought, what to do next? I passed both on the first go so my ego was tickled enough to make me think I can pass certification exams with little woe. Of course I might crash-and-burn and come unstuck, but while I'm seemingly on-a-roll...
So I spent a bit of time studying what seemed to both be required by clients and what took my fancy. Seeing as establishing or contributing to the establishment of ISMS comprises quite a bit of what I do, something in that line most appealed.
As I work principally in the UK and Europe I took a look at the IT Job Watch site for contractors, first for the CISA skill, then the CISSP and scrolling down the pages, looked at what seemed to be most sought-after skills to accompany these certifications;
CISA Contracts, Contractor Rates for CISA QualificationsCISSP Contracts, Contractor Rates for CISSP Qualifications
In both cases '
ISO/IEC 27001' is inside the top five client requests.
For the CISA the next most sought after certification is the CISSP, with
ISO/IEC 27001 4th and for the CISSP its 'Information Security' at 1st,
ISO/IEC 27001 at 3rd and the CISA at 5th.
For
ISO/IEC 27001 itself, the next most sought-after skill is 'Information Security' (eh, of course!), followed by the CISSP and CISA at 7th.
The CISM is more popular than ISO 27001, but I still like being hands-on and so that certification doesn't appeal.
So I've ordered a home-study ISO/IEC 27001 Lead Implementer course, which is derived from PECB and consequently ISO/IEC 17034-compliant (that is, not a buck-shy certification that isn't actually ISO/IEC accredited).
I won't say who the vendor is yet as I don't want to send someone down the wrong route if it doesn't work out for me. I'll report on how I get on with it in due course. the vendor wants the course and examination taken inside 90 days and the examination and certification fees are paid-for up-front as part of the package cost.
