What's after CISA and CISSP?

Hi everyone. I'm currently CISA/CISSP certified. Any thoughts on the most logical next cert(s) to pursue?

I have a B.S. in MIS and a B.S. in accounting. After college I've tried a bunch of diff things (IT implementation, internal audit, accounting/fin) before deciding to settle more long-term into IT risk/controls. Currently a Sr. IT Auditor, next immediate career step would be hopefully promotion to manager level (which has no administrative direct reports where I work). I think long term I want to be in IT governance or IT financial control, but I'm open to develop into more business/strategy (less IT focused) tracks too. I've yet to turn 30 so I'm not too entrenched yet, although I'd like to develop serious subject-matter expertise as well.

I'm thinking CRISC next, but I'd also like to hear arguments for less IT-focused certs? I'm refraining from an MBA for now, because my company barely subsidizes and I can't justify the costs.

TL;DR:
Sorry if my question doesn't sound to-the-point, succinctly, what best comes after CISA/CISSP all things considered?

Find more posts tagged with

Free for TechExams community: Cybersecurity salary guide

Compare cert salaries and plan your next career move

Button

Comments

yoba222

I don't yet have either and plan on getting both before the end of 2019. I plan to stop after the CISSP. If I do take certs, it would be purely for training value. Other than training, I'd shift focus to creating content (articles, presentations, etc.).

Ertaz

chicago wrote: »

Sorry if my question doesn't sound to-the-point, succinctly, what best comes after CISA/CISSP all things considered?

If they are trophies to you, then go for the CGEIT or PMP. Governance is right there in the title of the first one

....