CISSP ISSMP

test4500test4500 Registered Users Posts: 29 ■■■□□□□□□□

I passed the exam and am awaiting the endorsement

I've passed both the CISM and CRISC, which it turns out is ideal preparation for CISSP ISSMP 


Study Plan

Really just a follow on from CRISC and reread of CISSP stuff but I recommend:

  • Reread of relevant CISSP areas - limited value 

  • Utilized the ISACA CISM QA&E (Questions Answers & Explanations) - V. Good prep

  • Utilized the ISACA CRISC QA&E - V.V Good prep

  • Downloaded the ISC2 Exam Outline for the ISSMP, searched for, and read, references you are not clear on - limited value


Test Question Preparation

The ISACA CISM/CRISC QA&E are essential, and very similar to the test in format - also a good number of questions - I personally think the ISACA QA&E are very expensive but also the best I have seen, if someone else is paying its the way to go!


Taking the Test

I think you have 3hrs but it took me just over half that time to get through the 125 q.

  • Read the question.

  • Rule out answers that make no sense.

  • Read the question again.

  • Select your answer.

Only a few of the questions are really difficult, you can't go back so commit and move on!



Is it worth it? -  maybe

+ve
  • Nice addition to my CISSP and CCSP and makes me look more a PM than a network bod I think

  • Helps you stand out amongst CISSPs who I imagine think its much harder than even CISSP (well that was my thinking anyway)

  • I find most people respect qualifications that don't have/understand - not saying its a good thing, just a thing

-ve
  • expensive 

  • very small peer group and not understood by recruiters ....but perhaps more by interviewers


Happy to answer questions!

Have: CISSP, SSCP, CYSA+, CCNA CyberOp, CIPP/E, PRINCE, ITIL v3, MS Azure 900/103/500, AWS SA-A, Splunk Core User , CyberArk Trustee......
2020 Goals: CISM/CISA, AWS CDA-P/SA-P/Security, Splunk Power User

Comments

  • DZA_DZA_ Member Posts: 467 ■■■■■■■□□□
    Congrats on the pass! I always wondered whether it's worth while to have any of the concentrations in the Canadian market at least. That's the thing with these concentrations is that the study material is dated and much of it you have to use a lot of supplementary resources for the studying.
  • UnixGuyUnixGuy Mod Posts: 4,570 Mod
    Well done!
    Certs: GSTRT, GPEN, GCFA, CISM, CRISC, RHCE

    Learn GRC! GRC Mastery : https://grcmastery.com 

  • SteveLavoieSteveLavoie Member Posts: 1,133 ■■■■■■■■■□
    Congrats! However I am not sure if there is a good value from a CISSP concentration in the Canadian market. IMO CISSP + CISM have more value and recognition than CISSP ISSMP.


  • test4500test4500 Registered Users Posts: 29 ■■■□□□□□□□
    yep Canada

    CISSP's - 6,842
    CCSP - 
    839
    CISSP ISMMP - 
    50

    I don't think there is any information on how many CISM's there are but my guess would be closer to CISSP number rather than CCSP numbers
    Have: CISSP, SSCP, CYSA+, CCNA CyberOp, CIPP/E, PRINCE, ITIL v3, MS Azure 900/103/500, AWS SA-A, Splunk Core User , CyberArk Trustee......
    2020 Goals: CISM/CISA, AWS CDA-P/SA-P/Security, Splunk Power User
  • JDMurrayJDMurray Admin Posts: 13,099 Admin
    edited September 2022
    It's interesting the perceived value of a certification based on the number of people who hold it in a specific population group. For example, only 50 people in Canada having the ISSMP can be perceived as bad because the number of InfoSec managers in Canada (number?) who hold the cert is so low, or perceived as good because the few Canadian InfoSec managers who have the ISSMP will be perceived to having an added-value over those that don't. Same coin, two sides.
  • test4500test4500 Registered Users Posts: 29 ■■■□□□□□□□
    Yes JD that's exactly what I am about to find out now ....does this add $$ to my salary/make it easier to get a job or does it just add some letters to my name.

    Will update on my experience in a few months .... but I did the exam for two reasons really:

    1) Wanted the challenge - don't really care what the market thinks about that, I wanted to see if I was good enough and if not where I need improvement
    2) See if it has additional value over the CISSP - I think it should have, but have no idea how the market (recruiters/Hiring managers) view it 
    Have: CISSP, SSCP, CYSA+, CCNA CyberOp, CIPP/E, PRINCE, ITIL v3, MS Azure 900/103/500, AWS SA-A, Splunk Core User , CyberArk Trustee......
    2020 Goals: CISM/CISA, AWS CDA-P/SA-P/Security, Splunk Power User
  • JDMurrayJDMurray Admin Posts: 13,099 Admin
    test4500 said:
     ....does this add $$ to my salary/make it easier to get a job or does it just add some letters to my name.
    Knowing if the presence of a cert on your resume impressed a hiring manager enough to give you a first-round interview, or to recommend you for a higher wage increase, can be difficult to determine. If you get the job, you can always ask your manager if you having a specific cert had any influence on hiring decisions. As a job seeker you can never know, so it's (almost) always best to get the letters. You are not bound by ethics to put every cert you have on your resume, so just getting a cert for fun should never be a problem for you either.
Sign In or Register to comment.