Cissp-issmp

I recently took the ISSMP exam which is a concentration of the CISSP exam so before you can take the ISSMP exam you have to sit and pass the CISSP exam. The ISSMP exam requires that a candidate demonstrate two years of professional experience in the area of management on a large enterprise-wide security model. The exam is 3 hours and is made up of 125 questions.

The biggest problem I found with this exam was there was very little study material around to help prepare for the exam, ISC2 recently updated the domains and the only up-to-date information I could find was the official ISC2 book and like most ISC2 books it was not an easy read and there was a few spelling errors and at times the book can be hard to read and follow.

I was surprised when I sat the exam how many of the questions where not covered in the official book the exam assumes you have over at least 4 years security experience but if you just brought the book and hoped that would be enough I would say you would struggle.

It is quite a niche exam there is only 55 ISSMP's currently in the UK compared with over 5000 people having the CISSP. I do not think the exam was too difficult and studied for it for around 2 months and imagine it will become more popular in time.

Find more posts tagged with

Comments

dustervoice

congrats on passing and doing a writeup. what made you decide to do this test? as i havnt seen this as a requirement for any job roles in the UK

636-555-3226

I've had this on my roadmap for awhile but keep holding off due to the lack of study materials and seemingly general consensus that the official ISC2 materials are really bad.....

Mike7

Congrats on passing and thanks for the review.

You may want to look at ISACA's CISM which is more popular and seems to cover similar areas to CISSP-ISSMP.

rob1234

Already have the CISM. I agree I have not seen any jobs require the ISSMP but nevertheless I think the material it covers is good to know for many jobs around and it helps to look at security from a business point of view rather than a technical security point of view which from my experience a lot of people in security do.

gespenstern

Gz. Also thinking about this... but only after ISSAP.

hermit84

It is not hard if you study CISSP well.
I passed CSSLP, ISSMP and ISSAP exams within 3 weeks.

corpsec

I passed my CISM in June and just finished reading the official ISSMP CBK. Any suggestions for last week of studying before my exam date on Oct 10th? I still have my CISM DB questions not sure if that will be worth a review?

kukku

corpsec wrote: »

I passed my CISM in June and just finished reading the official ISSMP CBK. Any suggestions for last week of studying before my exam date on Oct 10th? I still have my CISM DB questions not sure if that will be worth a review?:::

Please do practice some CISSP questions also like cccure or Shon Harris test engine, especially those modules BCP, Risk Management, Law..
I too passed CISM in June and looking forward to take the ISSMP exam..All the best for the exam.

corpsec

Just passed ISSMP yesterday

Found it easier and shorter than CISM. Now on to CRISC & ISSAP!

kukku wrote: »

Please do practice some CISSP questions also like cccure or Shon Harris test engine, especially those modules BCP, Risk Management, Law..
I too passed CISM in June and looking forward to take the ISSMP exam..All the best for the exam.

kukku

Great....Congrats...All the best to CRISC and ISSAP..

corpsec

Thanks good luck to you too!

Anyone know the turnaround time for the CISSP concentration (ISSMP,ISSAP) experience verification? I submitted my CV after the exam and got the confirmation 24 hours after with an up to 6 weeks waiting period if it doesn't get randomly audited.

kukku wrote: »

Great....Congrats...All the best to CRISC and ISSAP..

gespenstern

corpsec wrote: »

Anyone know the turnaround time for the CISSP concentration (ISSMP,ISSAP) experience verification?

9/26 ISSAP passed, 10/09 received official statement.

corpsec

2 weeks turnaround not too shabby! Thanks!!

How was the ISSAP study effort/exam?

gespenstern wrote: »

9/26 ISSAP passed, 10/09 received official statement.

gespenstern

corpsec wrote: »

How was the ISSAP study effort/exam?

http://www.techexams.net/forums/isc-sscp-cissp/114257-issap-passed.html

aadoyle

Hi,

I have attempted the ISSMP exam and found that the questions related little to the scope of the official CBK. I spent a lot of time on studying the detail, but was disappoionted in the results considering the effort.

Before I attempt again, has anyone any strategy and approach to this exam that I may be overlooking. Should the answers be framed from a management perspective and not necessarily a technical perspective...

Any exam strategy insights welcomed.

Thanks.

gespenstern

b/eads advice on concentrations always was "read CBK and read its bibliography".

This is tough, but there's no any simple approach like "buy Conrad's book of 600 pages, read it and you are guaranteed to pass" here. Concentrations are tough just because there are no "all in one" materials to prepare for them.

corpsec

The content is very similar to CISM, if you are interested in security management I would go with CISSP -> CISM -> ISSMP -> CRISC. I did the CISM by reviewing the official DB questions and shortly after reading the official ISSMP CBK I wrote & passed the ISSMP with ease.

aadoyle wrote: »

Hi,

I have attempted the ISSMP exam and found that the questions related little to the scope of the official CBK. I spent a lot of time on studying the detail, but was disappoionted in the results considering the effort.

Before I attempt again, has anyone any strategy and approach to this exam that I may be overlooking. Should the answers be framed from a management perspective and not necessarily a technical perspective...

Any exam strategy insights welcomed.

Thanks.

bubble2005

rob1234 wrote: »

I recently took the ISSMP exam which is a concentration of the CISSP exam so before you can take the ISSMP exam you have to sit and pass the CISSP exam. The ISSMP exam requires that a candidate demonstrate two years of professional experience in the area of management on a large enterprise-wide security model. The exam is 3 hours and is made up of 125 questions.

The biggest problem I found with this exam was there was very little study material around to help prepare for the exam, ISC2 recently updated the domains and the only up-to-date information I could find was the official ISC2 book and like most ISC2 books it was not an easy read and there was a few spelling errors and at times the book can be hard to read and follow.

I was surprised when I sat the exam how many of the questions where not covered in the official book the exam assumes you have over at least 4 years security experience but if you just brought the book and hoped that would be enough I would say you would struggle.

It is quite a niche exam there is only 55 ISSMP's currently in the UK compared with over 5000 people having the CISSP. I do not think the exam was too difficult and studied for it for around 2 months and imagine it will become more popular in time.

Is it possible to take the ISSMP exam before having the full 2 year requirement? Does ISC2 offer the same length of time to get the necessary experience for the concentrations (6 years) like with the CISSP?