What's after CISA and CISSP?

chicagochicago Posts: 2Registered Users ■□□□□□□□□□
Hi everyone. I'm currently CISA/CISSP certified. Any thoughts on the most logical next cert(s) to pursue?

I have a B.S. in MIS and a B.S. in accounting. After college I've tried a bunch of diff things (IT implementation, internal audit, accounting/fin) before deciding to settle more long-term into IT risk/controls. Currently a Sr. IT Auditor, next immediate career step would be hopefully promotion to manager level (which has no administrative direct reports where I work). I think long term I want to be in IT governance or IT financial control, but I'm open to develop into more business/strategy (less IT focused) tracks too. I've yet to turn 30 so I'm not too entrenched yet, although I'd like to develop serious subject-matter expertise as well.

I'm thinking CRISC next, but I'd also like to hear arguments for less IT-focused certs? I'm refraining from an MBA for now, because my company barely subsidizes and I can't justify the costs.

TL;DR:
Sorry if my question doesn't sound to-the-point, succinctly, what best comes after CISA/CISSP all things considered?

Comments

  • yoba222yoba222 Posts: 929Member ■■■■■□□□□□
    I don't yet have either and plan on getting both before the end of 2019. I plan to stop after the CISSP. If I do take certs, it would be purely for training value. Other than training, I'd shift focus to creating content (articles, presentations, etc.).
    Obtained: A+ | Network+ | Security+ | CySA+ | PenTest+ | CAPM | eJPT | CCNA R&S | CCNA CyberOps | GCIH | LFCS
    2018: Virtual Hacking Labs
    2019: eCPPT &/or OSCP | CISSP
  • ErtazErtaz Posts: 906Member ■■■■■□□□□□
    chicago wrote: »
    Sorry if my question doesn't sound to-the-point, succinctly, what best comes after CISA/CISSP all things considered?

    If they are trophies to you, then go for the CGEIT or PMP. Governance is right there in the title of the first one ;) ....
Sign In or Register to comment.