CISM or CISSP? Not able to decide? We will help you.
Let us first look at the course content of each certification.
Certified Information Security Manager (CISM)
- Information Security Governance
- Information Risk Management
- Information Security Program Management and Development
- Information Security Incident Management
You also need a minimum of 5 years of information security related experience that should have been obtained 10 years prior or 5 years after passing the exam. Cumulative experience is accepted. Waivers are considered for a maximum of 2 years. You can visit the official ISACA site for waiver details.
Certified Information Systems Security Professional (CISSP)
- Security and Risk Management
- Asset Security
- Security Architecture and Engineering
- Communication and Network Security
- Identity and Access Management
- Security Assessment and Testing
- Security Operations
- Software Development Security
You get one chance to view a question and provide an answer. You cannot revisit previous questions. Although it is not stated, a skipped question is likely marked as incorrect. Therefore, guessing is still a better strategy than skipping. You should always attempt to eliminate question options from consideration, then select your answer from the remaining options.
CISM or CISSP: which is better for you?
If you are planning your career as an infosec engineer, then CISSP would be enough. The better strategy, however, would be to start with CISSP and then move towards CISM. This way you have both hands-on infosec experience and managerial traits to become a CISO.