Depends on your goals and where you want your career to go. If you are keen on auditing/risk go for CISA first, if you are keen on a broad range of security topics go for CISSP. The latter gives you a good grounding in security. The former also but more relevant to security auditing.