ISSMP - CISSP Concentration - Certification recommendations ?

okpokp Member Posts: 17 ■□□□□□□□□□
Hi there,

I passed CISSP two years ago, my certification profile in a good standing is as follow:
- ISO 27005/RABQSA (2011)
- CISSP/ISC2 (2012)
- CISM/ISACA (2013)
- CISA/ISACA (waiting for results in 3 weeks) but hopefully I'll pass as the exam was pretty straightforward.

10 years of experience, working in IT/BP compliance and working on a daily basis with C level / Audit. Aiming for CISO.

Just wondering if ISSMP would be a great asset.. I can't find any prep questions. What's sure is that this concentration will require low preparation, as everything is already covered on CISM/CISA/CISSP exams... So I may go for it... computer based (I dont like that, that much - prefer pen & paper exams), but I can basically register the day before the exam. around 350 euros.

Otherwise, I think I'll stop my certification career, as it seems pretty complete at this time.

Thanks!

Wish you the best for 2014.

Comments

  • okpokp Member Posts: 17 ■□□□□□□□□□
    Hi, any thoughts ?
  • colemiccolemic Member Posts: 1,569 ■■■■■■■□□□
    Well, I don't think it would hurt... I am in a very similar boat (minus CISM, plus a few more minor certs) and am considering the ISSMP. I am also trying to determine whether something like PMP would be a better investment in time and dollars. It would fill a gap that I feel a good CISO needs, outside of the technical arena. Getting both wouldn't hurt either. I am still on the fence. :)
    Working on: staying alive and staying employed
  • dijital1dijital1 Member Posts: 64 ■■□□□□□□□□
    Hi Okp,

    Only you know if the ISSMP is worth doing. Based on your current certifications, the ISSMP would probably overlap a bit with your CISM certification. I've not taken any of the ISACA certs so I don't know how it directly compares. People that have both the ISACA and ISC2 certs and the general feeling is that the ISSMP compares well with the CISM.

    It probably wouldn't be a huge undertaking for you to prepare for it, so why not knock it out. You'll probably pick up a few bits of knowledge as well as increases your marketability; both good things.

    I'd probably do it if I were you.
  • okpokp Member Posts: 17 ■□□□□□□□□□
    thanks for the support. I was reading the official ISSMP book of knowledge... and I've to say that ISC2 certifications questions are more tricky to understand.. whereas ISACA are straightforward. ISC brings double negations, a more shakespeare way of writing.. which brings a lot more difficulty in the exam.

    PMP is also definitely an asset to look at.
  • AnthonyFAnthonyF Member Posts: 109
    Go for PMP. No one has really ever noticed my ISSMP. But they notice PMP right away. My 2 cents.
  • dijital1dijital1 Member Posts: 64 ■■□□□□□□□□
  • okpokp Member Posts: 17 ■□□□□□□□□□
    well PMP is really focused on project management right. Project Manager is a different job than CISO. Just wondering if PMP will be a great asset as a CISO...

    How much involvement for PMP...? I don't like to get into training session; prefer self work and questions...
  • okpokp Member Posts: 17 ■□□□□□□□□□
    Hey, any thoughts are welcome. I'm really wondering if I should go for PMP.... worth it when you aim for CISO ? It's like getting a CCNA when you are going for a security management position (and by the way manage the security program). Interesting but not that useless.
  • colemiccolemic Member Posts: 1,569 ■■■■■■■□□□
    A CISO with a PMP will understand how his/her teams function better, and will understand the underlying processes that enable them to see the bigger picture, while understanding the details of their business from a functional perspective. Having a PMP benefits a lot of others than just the project manager.
    Working on: staying alive and staying employed
  • okpokp Member Posts: 17 ■□□□□□□□□□
    Thanks, just trying to gather enough ideas, so I can ask my boss to follow me on this PMP road... Because from his perspective, I'm quite sure he'll reply... PMP... you want to be a project manager not a CISO ?!
  • AnthonyFAnthonyF Member Posts: 109
    colemic wrote: »
    A CISO with a PMP will understand how his/her teams function better, and will understand the underlying processes that enable them to see the bigger picture, while understanding the details of their business from a functional perspective. Having a PMP benefits a lot of others than just the project manager.


    Agree 100%

    I also would say every org is different (okp's question). I know CISO's who have large portfolios and manage huge teams. While others have a small role and are a small 'c' rather than a large 'C' and have directors of IS that pull all the weight.

    The more you understand from the business perspective the better off you will be.
  • okpokp Member Posts: 17 ■□□□□□□□□□
    hi Anthony,

    fully understand your recommendation. In fact, my company culture seems not to be oriented towards certification. So I assume I'll have to finance the PMP by myself. Only "issue" is the 35 hours training which cost like 2500 USD... whereas ... CISA,CISSM,CISSP were "only" around 400 USD (I don't like the courses)
Sign In or Register to comment.