CISA passed, what next?

Xasthur Member Posts: 2

Hurray, I’ve passed the CISA exam today! Well, at least a preliminary pass, but that is pretty much a pass. Getting actually certified shall be a walk in the park.

I’ve mostly used DB questions to understand the ISACA auditor logic and the good old internet to search & learn ambiguous terms. Studied for about a month and a half; however, auditing, security and risk management are my daily task and hobby.

The question is… I am not really sure where to go from there. I already have CISM & CISSP and a couple of other certs.

I believe CISA/CISM/CISSP is a golden standard for security management. I have combined experience as an IT administrator, security consultant, security program manager (Fortune 500) and currently as CISO for a smaller organization.

Do you guys see any additional certification that would bring additional value? I was thinking CRISC, however it is not really sought after that much. I am paying my certifications myself, so don't want to waste money on something that doesn't bring much ROI. Obviously it is not just about "job hunt" ROI as such, but any cert that would increase my knowledge about GRC/management domain overall is helpful.

I was thinking CPP? Any thoughts?

My goal is to find a job in information security management, however in a different country, hence I am trying my best to raise my chances. As you might know, an overseas job hunt is quite a challenge :)


MSc - IS Management, CISSP, CISM, ISO27K LA, Prince2 Practitioner, Security+, Network+, ITIL, Cobit5, CCNA, MCSA 


  • sumeetgandhi Member Posts: 60

    You already have the triad with you, I think CRISC / CCSP would help you as it relates more to your role.
    With Regards
    Sumeet Gandhi
    CISA, CISM, PMP, PMI-ACP, AWS Certified Solutions Architect, Office 365, SharePoint Online, SharePoint (2016 / 2013 / 2010 / 2007), MCTS, CSM, ITIL, PRINCE2
  • Russ5813 Member Posts: 123
    GDPR is a pretty big deal in the EU, so a CIPP certification may bring value if you're looking at overseas/international work. I don't see data privacy becoming any less important as time goes on. I'm looking at taking the CIPT this year myself.
  • Xasthur Member Posts: 2
    Yes, IAPP certifications might be a good option; thank you for the suggestion, it is really closely related. To clarify this, I am actually from the EU and want to get out :) So I am quite familiar with GDPR and its relation to the security domain.
    MSc - IS Management, CISSP, CISM, ISO27K LA, Prince2 Practitioner, Security+, Network+, ITIL, Cobit5, CCNA, MCSA 