Anyone with their CISSP and their CISM here?

Sirkassad Member Posts: 43
I have my CISSP and am currently gearing up for the CISM exam.  I am currently using the CISM AIO by Peter Gregory but plan on also using the online Q&A database.  The reason I am posting here is because I want to know if any CISMs supplemented their CISM studies with the Shon Harris CISSP AIO book.  I just cracked my CISSP AIO 8th edition open for the first time in a couple years and after skimming through the first chapter it seems to be a great resource for parts of the CISM.  I realize there is overlap between CISSP and CISM so this shouldn't be a surprise but I almost prefer the AIO CISSP over the AIO CISM for my studies.  I'd appreciate any comments from someone who has their CISM and used the CISSP AIO for study reference.  If there are specific areas of the CISM exam where the AIO CISSP book is great for please let me know, thanks.


Comments

  • fitzlopez Member Posts: 103
    I also did my CISSP first. Then the CISM the year after. I did the opposite, tried to stay away from the CISSP materials as the way ISC2 and ISACA phrase their questions and answers feels different. I mainly used the Official CISM Review Manual and the Q&A book. I also read a lot of the material referenced like the NIST guides.

    It was hard not to fall asleep reading the Official Manual :/

    Good luck.
  • JDMurray Admin Posts: 13,092
    edited January 2020
    There are posts on TE stating the materials for the CISM and CISSP-ISSMP cert are very similar. That would make sense as the CISSP-ISSMP is more management-oriented and less broad in general InfoSec topics than the CISSP. Once I am finished with an MBA program, I'll consider getting the CISM and CISSP-ISSM at the same time. Maybe that could be a consideration for yourself as well.
  • fitzlopez Member Posts: 103
    JDMurray said:
    There are posts on TE stating the materials for the CISM and CISSP-ISSMP cert are very similar. That would make sense as the CISSP-ISSMP is more management-oriented and less broad in general InfoSec topics than the CISSP. Once I am finished with an MBA program, I'll consider getting the CISM and CISSP-ISSM at the same time. Maybe that could be a consideration for yourself as well.
    That is true, I did the CISSP-ISSMP after the CISM for that reason. After studying for the CISM the material for the CISSP-ISSMP was pretty easy. I'd guess the decision to do it would be pretty straightforward now that ISC2 charges the same AMF rates no matter how many certs you hold. On the other hand the CISSP-ISSMP isn't really that recognized in my current circles.
  • E Double U Member Posts: 2,233
    I have both, but only used the ISACA materials to prepare for CISM. Of course the knowledge from my CISSP studies plus experience helped, but I did not use non-ISACA study materials for the exam prep.
    Alphabet soup from (ISC)2, ISACA, GIAC, EC-Council, Microsoft, ITIL, Cisco, Scrum, CompTIA, AWS
  • cyberguypr Mod Posts: 6,928
    I did my CISSP like 8 years ago and my CISM last year. As E Double U said, I only used the ISACA questions DB.
  • nevermore Member Posts: 39
    I got my CISSP first and a year and change later I passed the CISM exam followed by the CISSP-ISSMP exam four days later.  As others have stated the ISSMP and CISM are very similar.  If you study and pass one, you should be positioned to pass the other.  I just used the CISM QA database to study and relied on my experience.

    Obtained:
    • CISSP/ISSAP/ISSMP, CISM, GISP, CEH
    • M.S. Information Security and Assurance Norwich University
    • B.S. Cybersecurity UMUC
    In Queue: PMP, CCSP, CRISC



  • Info_Sec_Wannabe Member Posts: 428
    I did the opposite. Sat for the CISM first as prep for CISSP and used materials strictly for those certifications. 

    Had to make sure that I can look at the big picture first before attempting CISSP given the huge difference in scope. 
    X year plan: (20XX) OSCP [ ], CCSP [ ]
  • averageguy72 Member Posts: 323
    I have both, did the CISM a while after the CISSP.  Ended up just using the QDB.
    CISSP / CCSP / CCSK / CRISC / CISM / CISA / CASP / Security+ / Network+ / A+ / CEH / eNDP / AWS Certified Advanced Networking - Specialty / AWS Certified Security - Specialty / AWS Certified DevOps Engineer - Professional / AWS Certified Solutions Architect - Professional / AWS Certified SysOps Administrator - Associate / AWS Certified Solutions Architect - Associate / AWS Certified Developer - Associate / AWS Cloud Practitioner
  • chickenlicken09 Member Posts: 537
    Info_Sec_Wannabe said:
    I did the opposite. Sat for the CISM first as prep for CISSP and used materials strictly for those certifications. 

    Had to make sure that I can look at the big picture first before attempting CISSP given the huge difference in scope. 

    How was the jump to CISSP? Good way to do it though.

  • Sirkassad Member Posts: 43
    averageguy72 said:
    I have both, did the CISM a while after the CISSP.  Ended up just using the QDB.
    How well did the QDB prepare you for the CISM exam?
  • nevermore Member Posts: 39
    @Sirkassad - I just used the ISACA QAE DB to formally prepare for the CISM.  I was also relying on my experience to supplement it.  I felt the QAE DB was sufficient for my preparation needs but more so, as the CISM was my first ISACA exam, it gave me familiarity with ISACA's approach to their exam questions.
    Obtained:
    • CISSP/ISSAP/ISSMP, CISM, GISP, CEH
    • M.S. Information Security and Assurance Norwich University
    • B.S. Cybersecurity UMUC
    In Queue: PMP, CCSP, CRISC



  • Sirkassad Member Posts: 43
    cyberguypr said:
    I did my CISSP like 8 years ago and my CISM last year. As E Double U said, I only used the ISACA questions DB.
    How well did the ISACA Q&A DB prepare you?  I know the questions aren't the same, but is there similarity to the point where if you understand the answers then you should be fine?
  • E Double U Member Posts: 2,233
    Sirkassad said:
    I did my CISSP like 8 years ago and my CISM last year. As E Double U said, I only used the ISACA questions DB.
    How well did the ISACA Q&A DB prepare you?  I know the questions aren't the same, but is there similarity to the point where if you understand the answers then you should be fine?
    If you understand why an answer is correct and why others are incorrect then you should be fine. 
    Alphabet soup from (ISC)2, ISACA, GIAC, EC-Council, Microsoft, ITIL, Cisco, Scrum, CompTIA, AWS
  • AIi Member Posts: 4
    I passed the CISSP and studied a LOT for it. Then I sat for the CISM a few months after and passed without additional reading, only doing some official practice tests (QAE). If I wasn't already in a "business security" role I'd have had a much harder time.
    We grant you the rank of master but you are not on this council
  • AverageJoe Member Posts: 316
    I have both the CISM and the CISSP, but I did the CISM first because I judged it to be easier to achieve.  I only used the ISACA CISM study manual, but frankly I didn't study a lot for it.  For a few weeks I'd skim the book on my subway ride to and from work, but it was so dry and boring that I would lose focus a lot.  That said, I felt like a lot of the material was common sense, and I could generally narrow down multiple choice answers.  I put a lot more effort into CISSP because I found the enormous breadth of knowledge required much more intimidating.  
  • balance Member Posts: 244
    I have both. CISSP in 2016, CISM in 2019. 2020 I hope to knock out all of the other ISACA certifications. I am not sure if it helped much (CISM). I had memories of grad school.... But I did enjoy earning it.