CCISO verses CISM Exam 2019

odomscdodomscd Member Posts: 19 ■■■□□□□□□□
I need an IAM level III certification for a DOD job.  The CCISO exam has been added to the DOD approved 8570 certification list.  I have decided to take the CCISO exam over the CISM for the following reasons:
1.  CISM only offers their exam 2 times a year.   You can take the CCISO exam year around.

2.  CCISO uses Pearson Vue test Centers. The advantage to Pearson Vue is they are everywhere.  I live in the middle of the Mojave desert and we have a testing center in our small town.   You currently "cannot" schedule the CISM exam until the end of June or "Julyish" 2019 time frame.  ISACA's is updating the CISM testing window and I am not able to wait that long.  However, there is absolutely no indication of this on their website. This was explained to my when I called ISACA's customer service.  I almost paid for an CISM exam that is not available to take.   
3.  CCISO's customer service (EC Council) was hands above ISACA's.  EC Council returned my call within 24 hours.  ISACA never returned a call.  I had to keep calling them until I got a person.  This took several days.

4.  My one concern about the CCISO is the lack of third party supplemental study material.  However, I am attending a CCISO training event offered by the EC Council and it will have a live onsite instructor. They also included a retake exam in the price of the bootcamp if you fail.  The bootcamp is five days 8 to 5 pm and you take the exam the last day. 
     In comparison, there is numerous third party training material available for CISM and ISACA does provide a list of authorized third party vendors that provide CISM training.

5. The CISM exam is about 40 percent cheaper than CCISO's.  (545.00 verses 999.00) 

I am currently studying for the CCISO exam. If anyone can offer advise on how to study for this exam or if anyone has actually taken it any can offer advise, I would greatly appreciate it.



  • scascscasc Member Posts: 461 ■■■■■■■□□□
    I have both I can provide some perspective....

    1. CISM has a better name in the marketplace. You can book the exam within a given ISACA testing window - so more than the previously twice a year session they used to run. I only used the exam database to get my mind in the right frame - have multiple years experience so could away with this.
    2. If you can wait for CISM, worth it. If not then do CCISO first then check out CISM. If you can find an exam centre where you are great, if not then stick with CCISO.
    3. My experience is the opposite (everyone has their own). EC-Council appalling as ever, ISACA as good as SANS for me...
    4. CCISO material overpriced....their text book was something like £500. CISM only got exam database - good enough to get me through.

    You will get the official notes/text book as part of your CCISO training. For ISACA only look at their own materials.. 

    Hope this helps.
    AWS, Azure, GCP, ISC2, GIAC, ISACA, TOGAF, SABSA, EC-Council, Comptia...
  • balancebalance Member Posts: 244 ■■■■■□□□□□
    a bit off topic... If you already have CISM ,  do you think CCISO would be worth it? 
  • scascscasc Member Posts: 461 ■■■■■■■□□□
    It’s ok to be honest. Don’t lose sleep over not having put it that way :)
    AWS, Azure, GCP, ISC2, GIAC, ISACA, TOGAF, SABSA, EC-Council, Comptia...
  • balancebalance Member Posts: 244 ■■■■■□□□□□
  • scascscasc Member Posts: 461 ■■■■■■■□□□
    No worries at all. If looking for other management material SANS is also pretty neat.
    AWS, Azure, GCP, ISC2, GIAC, ISACA, TOGAF, SABSA, EC-Council, Comptia...
  • JDMurrayJDMurray Admin Posts: 13,025 Admin
    SANS management courses don't seem to have the same focus as the CISM and CISSP-ISSMP. MGT512 is said to be a watered-down SEC401 for less-technically-minded managers. Others are prep courses for CISSP and PMP cert exams. MGT514 with the GSTRT cert looks the most interesting, but it's not CISM.
  • scascscasc Member Posts: 461 ■■■■■■■□□□
    Thanks for the comments. Having both - I can honestly say that I learnt a few neat tricks (for 514) than I did with any of the others - specifically looking at strategy, TOM, roadmaps, detailed metrics (more so than CISM). 

    For 514 - it looked beyond the CISM material and syllabus which was nice. Though agreed that CISM seems to hold its own. 
    AWS, Azure, GCP, ISC2, GIAC, ISACA, TOGAF, SABSA, EC-Council, Comptia...
  • Grafixx01Grafixx01 Member Posts: 109 ■■■□□□□□□□
    I have a problem with the prices of things for EC-Council. If you want to get their book yourself, the price is ridiculous, especially since its just DbPP (Death by PowerPoint). I did like their old ECIH stuff because it gave you a slide, then a narrative about the slide, additional materials, etc below it. Just looking at their ECSP .Net, it is just 2slides per page with no other content other than the slide. How do you learn from that? A friend is an instructor for EC-Council and he even says their books are bunk.
  • JDMurrayJDMurray Admin Posts: 13,025 Admin
    ECC has student materials and instructor materials. The slides are meant to be presented to the students in a classroom and the instructor talks to the content from the instructor's guides. The students are supposed to learn by taking notes, asking questions, doing hands-on labs, etc. ECC really wants you to take their classes rather than doing self-study for its certs.
  • odomscdodomscd Member Posts: 19 ■■■□□□□□□□
    Hello everybody!  I just posted my experience with the CCISO exam under this heading: 
                      I Passed the CCISO Exam - Sept 2019 - My thoughts on the Exam
    Mr. JD Murray, 
         After taking the training with a live instructor, I totally agree with what you are saying. The ECC live course was fantastic!  The instructor that taught my class, also teaches for other Certifying organizations.
    I found EC-Council cost effective if you buy the entire training course/package. 
Sign In or Register to comment.