CISM versus CISSP - which certification suits you better?
- Dato: 07 October, 2020
CISM and CISSP are very popular certifications amongst IT professionals. Having a hard time deciding between these two? Learn more about CISSP and CISM in this article, to make your decision easier.
The Certified Information Systems Security Professional (CISSP) certification from (ISC)2 is the best paid certification in Europe, according to the Global Knowledge IT Skills and Salary Survey 2020. The Certified Information Systems Manager (CISM) certification by ISACA made it to the top 10 of most popular certifications.
CISM and CISSP are certifications that resemble each other. This makes deciding between the two difficult: how do you know which certification suits your career path better?
In this article Global Knowledge helps you out with this decision. Learn how CISM and CISSP complement each other and figure out which certification suits your situation best.
What does the CISSP-certification entail?
The Certified Information Systems Security Professional (CISSP) certification by (ISC)2 shows that you are a true information security expert. Your security knowledge is tested in eight domains during the exam. Learn more about the eight domains and the CISSP certification on this page
The CISSP-certification is a must have for different roles in IT security. Examples include security experts, managers, auditors, architects, developers and analysts.
How do you get CISSP certified?
For an official CISSP-certification, one needs at least five years of relevant working experience in two or more of the 8 CISSP domains. You also need to pass the exam, and attain a written recommendation from an existing accredited CISSP in good standing.
You are also allowed to do the exam if you don't have the required work experience. Once you pass the exam, you will be an associate CISSP. You'll have another six years to gain the five years of work experience you need to become CISSP.
For the CISSP-certification, you take a three hour long exam. This exam is about the 8 domains and consists of in between a 100 and 150 multiple choice questions. You've got three hours for this exam and need to have 70% of all answers in each domain answered correctly to pass the exam.
What does the CISM-certification entail?
As a Certified Information Systems Manager (CISM), you've got a wide variety of tasks. For starters, you get to develop and implement a security program. Part of this program is risk analysis and developing and securing an information security policy. It is the responsibility of the CISM to make sure the security program fits the needs of your organization.
The CISM certification is perfect for experienced information security managers and everyone who works in IT Governance. You will learn about four domains in information security. These domains are about compliance, risk management and security governance. Learn more about these domains and CISM on this page.
How do you get CISM certified?
After you've attended the training course, you can become certified by passing the exam providing that you have five years of relevant work experience in two of the CISM domains.
The exam consists of 150 English multiple choice questions. You have four hours to answer all of them.
What do I pick, a CISM or a CISSP certification?
CISM and CISSP are both must haves for a successful information security career. If you apply for a job role in information security, your resume will stand out with one of these certifications.
According to the Global Knowledge IT Skills and Salary Report 2020, the CISSP-certification is the best paid security certification. CISSP and CISM both made the top 10 of most wanted certifications. ISACA (the vendor behind CISM) states more and more IT professionals are pursuing the CISM-certification. And on their own website, (ISC)2 writes the CISM-certification and the CISSP-certification don't compete but complement each other.
Most IT professionals get their CISM certification first, and obtain their CISSP certification afterwards.