Cyber security audit cert

scasc

hey all - has anyone done the above new cert from isaca? Wanted to find out if it’s for juniors or more advanced workers.

thanks in advance 

stryder144

I have never heard of it.  For those interested, here is the link.  After a quick glance, it looks like a stepping stone to the CISA.  Price for the online class isn't too spendy but a bit out of my current, personal training budget.

Info_Sec_Wannabe

stryder144 said:

I have never heard of it.  For those interested, here is the link.  After a quick glance, it looks like a stepping stone to the CISA.  Price for the online class isn't too spendy but a bit out of my current, personal training budget.

After taking a peek at the link, it does resemble CISA with a bit of hands on and cloud (at least IMHO).

mahd559

Does it expire? Or you have to maintain it by certain number of CPEs?

banzay

Just passed today. Was bored. Spent one day to prepare. If you are already have a CISA, doth waste your time. I'm not sure what is the value of this certificate. 

EFFAHPOKU

mahd559 said:

Does it expire? Or you have to maintain it by certain number of CPEs?

No it does not expire

UnixGuy

scac: i looked at it, it looks like an entry level cert not an advanced one

eshomsho

I took the test today using the book and self paced study materials and none of the questions from the book or the study materials were on the exam.  I have CISA and CRISC and regret registering for this prior to them developing better study guides.  With only 75 questions asked, you have to be prepared to answer most of them correctly.  The format resembles CISA but again I did not need to spend a $1000 for materials that were useless.  

LordQarlyn

banzay said:

Just passed today. Was bored. Spent one day to prepare. If you are already have a CISA, doth waste your time. I'm not sure what is the value of this certificate. 

Or if you don't have the CISA, skip this one and go straight for the CISA if that's your career path. I think the real purpose is to collect money from those who can't quite qualify for the CISA but ISACA still wants their money.

The_AM

IMO, When it comes to IS Auditing; CISA is and will be the gold standard for the foreseeable future.

ISACA's Cybersecurity Audit Certificate is a sort of "good to have" credential if you want to highlight and emphasize on your cybersecurity audit skills more from a visibility perspective (for hiring managers) than the knowledge perspective. 

yoba222

How can you have a cert without an acronym?

beads

EFFAHPOKU said:

mahd559 said:

Does it expire? Or you have to maintain it by certain number of CPEs?

No it does not expire

Then the cert is neither ANSI or ISO certified and should be discounted in value, right there.

- b/eads

HAGUILARO

eshomsho said:

I took the test today using the book and self paced study materials and none of the questions from the book or the study materials were on the exam.  I have CISA and CRISC and regret registering for this prior to them developing better study guides.  With only 75 questions asked, you have to be prepared to answer most of them correctly.  The format resembles CISA but again I did not need to spend a $1000 for materials that were useless.  

Hello

I totally agree with what you say, I studied all the material that was provided to me, but it did not help me to pass the exam, how did you pass? Do you have any guide or test exams? I would really appreciate it if you help me !! my mail aguilar.osores@gmail.com

mcc39817

TL:DR: you're better off getting a CISA and then hands on experience with tools and processes like identifying threats, gaining a better handle on the command prompt... all of which can be utilized to be able to provide a clear picture of the actual cyber-risks.

After reading the comments here, I'm pretty happy I did not ever pursue this certificate. What I will say though, for solid hands on that is directly transferable to security audits (i.e. NIST, etc.), I've been pretty happy with my CISA | CySA+ and Cybrary Subscription.  While the CySA+ focuses on incident response and hands on with things like logs and firewalls, tools, identifying threats, etc. as far as being able to analyze and review, and respond.  This has been useful to structure audits to go beyond "SOX" and look at the holistic security risk to the organization.  Plus, this combo has given me the means to move forward in developing my cybersecurity auditing skills. Further, I've been able to utilize labs from Cybrary to obtain the hands-on experience, as well as utilize review tools for the CySA+ exam.  It's still interesting that you don't see more companies asking for the CySA+ in light of the current global environment.  But I guess I'm bias as a career IT auditor.