Anyone with their CISSP and their CISM here?

I have my CISSP and am currently gearing up for the CISM exam. I am currently using the CISM AIO by Peter Gregory but plan on also using the online Q&A database. The reason I am posting here is because I want to know if any CISMs supplemented their CISM studies with the Shon Harris CISSP AIO book. I just cracked my CISSP AIO 8th edition open for the first time in a couple years and after skimming through the first chapter it seems to be a great resource for parts of the CISM. I realize there is overlap between CISSP and CISM so this shouldn't be a surprise but I almost prefer the AIO CISSP over the AIO CISM for my studies. I'd appreciate any comments from someone who has there CISM and used the CISSP AIO for study reference. If there are specific areas of the CISM exam where the AIO CISSP book is great for please let me know, thanks.

Find more posts tagged with

CISM AIO

Comments

fitzlopez

I also did my CISSP first.Then the CISM the year after. I did the opposite, tried to stay away from the CISSP materials as the way of ISC2 and ISACA phrase their questions and answers feels different. I mainly used the Official CISM Review Manual and the Q&A book. I also read a lot of the material referenced like the NIST guides.

It was hard not to fall asleep reading the Official Manual

Good luck.

JDMurray

There are posts on TE stating the materials for the CISM and CISSP-ISSMP cert are very similar. That would make sense as the CISSP-ISSMP is more management-oriented and less broad in general InfoSec topics than the CISSP. Once I am finished with an MBA program, I'll consider getting the CISM and CISSP-ISSM at the same time. Maybe that could be a consideration for yourself as well.

fitzlopez

JDMurray said:

There are posts on TE stating the materials for the CISM and CISSP-ISSMP cert are very similar. That would make sense as the CISSP-ISSMP is more management-oriented and less broad in general InfoSec topics than the CISSP. Once I am finished with an MBA program, I'll consider getting the CISM and CISSP-ISSM at the same time. Maybe that could be a consideration for yourself as well.

That is true, I did the CISSP-ISSMP after the CISM for that reason. After studying for the CISM the material for the CISSP-ISSMP was pretty easy. I'd guess the decision to do it would be pretty straight forward now that ISC2 charges the same AMF rates no matter how many certs you hold. On the other hand the CISSP-ISSMP isn't really that recognized in my current circles.

E Double U

I have both, but only used the ISACA materials to prepare for CISM. Of course the knowledge from my CISSP studies plus experience helped, but I did not use non-ISACA study materials for the exam prep.

cyberguypr

I did my CISSP like 8 years ago and my CISM last year. As E Double U said, I only used the ISACA questions DB.

nevermore

I got my CISSP first and a year and change later i passed the CISM exam followed by the CISSP-ISSMP exam four days later. As others have stated the ISSMP and CISM are very similar. If you study and pass one, you should be positioned to pass the other. I just used the CISM QA database to study and relied on my experience.

Info_Sec_Wannabe

I did the opposite. Sat for the CISM first as prep for CISSP and used materials strictly for those certifications.

Had to make sure that I can look at the big picture first before attempting CISSP given the huge difference in scope.

averageguy72

I have both, did the CISM a while after the CISSP. Ended up just using the QDB.

chickenlicken09

Info_Sec_Wannabe said:

I did the opposite. Sat for the CISM first as prep for CISSP and used materials strictly for those certifications.

Had to make sure that I can look at the big picture first before attempting CISSP given the huge difference in scope.

How was the jump to cissp? Good way to do it though.

Sirkassad

averageguy72 said:

I have both, did the CISM a while after the CISSP. Ended up just using the QDB.

How well did the QDB prepare you for the CISM exam?

nevermore

@Sirkassad - I just used the ISACA QAE DB to formally prepare for the CISM. I was also relying on my experience to supplement it. I felt the QAE DB was sufficient for my preparation needs but more so as the CISM was my first ISACA exam, gave me familiarity to ISACA's approach to their exam questions.

Sirkassad

cyberguypr said:

I did my CISSP like 8 years ago and my CISM last year. As E Double U said, I only used the ISACA questions DB.

How well did the ISACA Q&A DB prepare you? I know the questions aren't the same, but is there similarity to the point where if you understand the answers then you should be fine?

E Double U

Sirkassad said:

cyberguypr said:

I did my CISSP like 8 years ago and my CISM last year. As E Double U said, I only used the ISACA questions DB.

How well did the ISACA Q&A DB prepare you? I know the questions aren't the same, but is there similarity to the point where if you understand the answers then you should be fine?

If you understand why an answer is correct and why others are incorrect then you should be fine.

AIi

I passed the CISSP and studied a LOT for it. Then I sat for the CISM a few months after and passed without additional reading, only doing some official practice tests (QAE). If I wasn't already in a "business security" role I'd had a much harder time.

AverageJoe

I have both the CISM and the CISSP, but I did the CISM first because I judged it to be easier to achieve. I only used the ISACA CISM study manual, but frankly I didn't study a lot for it. For a few weeks I'd skim the book on my subway ride to and from work, but it was so dry and boring that I would lose focus a lot. That said, I felt like a lot of the material was common sense, and I could generally narrow down multiple choice answers. I put a lot more effort into CISSP because I found the enormous breadth of knowledge required much more intimidating.

balance

I have both . CISSP in 2016 , CISM in 2019 2020 I hope to knock out all of the other ISACA certifications. I am not sure if it helped much (CISM) I had memories of grad school.... But I did enjoy earning it.