Cism

zen master

I recently saw a vacancy being advertised for a Network Security Admin, and the job required CISSP and CISM. I've never seen anyone ask for CISM before, exactly how popular and in demand is this certification? What's the content like?

UnixGuy

zen master wrote: »

I recently saw a vacancy being advertised for a Network Security Admin, and the job required CISSP and CISM. I've never seen anyone ask for CISM before, exactly how popular and in demand is this certification? What's the content like?

Very popular actually. I see a lot of security positions ask for CISSP, CISA, and CISM !

CISM is about incident response mainly, and CISA is about auditing.

zen master

Thanks UnixGuy. I don't think I'll bother to do that certification. In my part of the world, I think everyone is focused on CISSP, so I'll get that and call it a day.

UnixGuy

It's a very good cert, even for the knowledge only. Get CISSP, then you can get CISA and then CISM. The knowledge in these certs is invaluable

unsupported

CISM is a management cert. There is a requirement for you to manage a group or a project. Their definitions are kinda lax on management.

A lot of people in my department take CISM after CISSP and they say it is about 70% overlap in the domains. So, you can do your CISSP and then get CISM right after. Also, be aware of the timing. CISSP exams are throughout the year when CISM (and CISA) are given twice a year in June and December (I think).