CISSP Concentrations

jbrad95706jbrad95706 Member Posts: 225
Hey Everyone,
I picked up my CISSP a little over a year ago and now I'm looking at next steps. I'm not sure if I want to go ISSAP, ISSEP, or ISSMP... I figured I would pick up a book for each and look them over -- and this is where things came to a halt.

There doesn't appear to be many options and the few that I find are very old and I'm sure outdated.

Any suggestions?

Have you taken one of these exams? If so, what would you recommend?


Thanks!

Comments

  • TechGuru80TechGuru80 Member Posts: 1,539 ■■■■■■□□□□
    They are only outdated if the material changes...most of the official books I believe are even a few years old. Most high level concepts for those concentrations aren’t things that change often like versions of Windows.

    Do you have the experience for all three? What is your current job? If it were me, I would only consider ISSAP or ISSEP because a CISM would probably be better than ISSMP.
  • djcarterdjcarter Member Posts: 44 ■■□□□□□□□□
    I would definitely recommend CISM over the ISSMP. Overall few people have the concentrations and you almost never see them on job postings.
  • b0Risb0Ris Member Posts: 27 ■□□□□□□□□□
    djcarter wrote: »
    I would definitely recommend CISM over the ISSMP. Overall few people have the concentrations and you almost never see them on job postings.

    +1 on this advice.
  • jbrad95706jbrad95706 Member Posts: 225
    TechGuru80 wrote: »
    They are only outdated if the material changes...most of the official books I believe are even a few years old. Most high level concepts for those concentrations aren’t things that change often like versions of Windows.

    Do you have the experience for all three? What is your current job? If it were me, I would only consider ISSAP or ISSEP because a CISM would probably be better than ISSMP.

    I have some experience in the all three areas and I'm currently working as the VP of Information Security for a mid-sized company. I'm trying to keep my skills/knowledge current while working toward something that I can put on my resume. The concentrations seemed like the next logical step, but now I'm not so sure.

    CISM seemed a little more focused on governance.
  • TechGuru80TechGuru80 Member Posts: 1,539 ■■■■■■□□□□
    jbrad95706 wrote: »
    I have some experience in the all three areas and I'm currently working as the VP of Information Security for a mid-sized company.

    CISM seemed a little more focused on governance.
    If you are a VP then you are governing...helping with the direction of the department at a high level.

    Honestly, since you have already made the VP level, there are a few certifications that would be applicable....CISM, PMP, CRISC, CISA (in no particular order). Any one of those would be good additions because they are business focused...ISSAP and ISSEP are "ok" options, but they aren't really applicable to you and they rarely get listed in job postings for any level.
Sign In or Register to comment.