jg372 wrote: »
I haven't taken CISA (yet) but GCCC was good, I enjoyed it. Thought it covered a bit on auditing. I am going to assume it's a bit more technical than CISA though.
Holy crap. Can't believe I didn't see this reply. Thank you for taking the time to reply. What did you think of the class?
GCCC - covers specifically security controls of SANS top 20 - testing, finding gaps etc - this is limited to this world where as the CISA covers a much broader spectrum.
In industry CISA rules in the auditing world - GCCC is a nice one to have for knowledge if anything so you can apply such knowledge in your audits but its not a deal breaker if you get me.
Dont need GCCC prior to CISA - but would be nice to have just so you can drill down deeper into those security controls when you perform your audits.