+ Reply to Thread
Results 1 to 6 of 6
  1. Junior Member Registered Member
    Join Date
    Mar 2016
    Posts
    2
    #1

    Default SAP GRC OR CISA/CRISC/CISM certifications ?

    Which of the two is desirable - investing (time and money) in SAP GRC & Auditing OR CISA/CRISC/CISM certifications in case the person has experience in SAP Proj Mgmt. (implementations) as well as SAP GRC/Audit projects.

    I'd like to hear especially from those who have worked in ERP implementation (SAP, Oracle etc) as well as SAP GRC/Audit areas and also have ISACA certification.
    Reply With Quote Quote  

  2. SS -->
  3. Senior Member
    Join Date
    Apr 2014
    Location
    South Florida
    Posts
    857

    Certifications
    CISSP, CISM, CISA, CRISC
    #2
    According to your name the choice should be obvious.
    Reply With Quote Quote  

  4. IOCs? What IOCs???!! jcundiff's Avatar
    Join Date
    Jan 2016
    Location
    Morehead, KY
    Posts
    407

    Certifications
    CISSP, CRISC, ITILFv3, PCIP, RSA Archer, MSCE Win2000, A+, N+, Server+, Proj+, eBiz+,iNet+
    #3
    I have a GRC/Audit(in support of GRC... vendor audits) background, I have never heard anyone specifically asking for SAP certs in the field, CISSP, CISA, CRISC, CISM are expected or desired on just about any mid senior level GRC posting you see
    Reply With Quote Quote  

  5. Senior Member 636-555-3226's Avatar
    Join Date
    Jul 2015
    Posts
    863

    Certifications
    Lots of security certifications, yet the more I learn, the further I have to go...
    #4
    What exactly is SAP GRC? I'm well versed in GRC, but how is SAP GRC different from GRC in general?
    Reply With Quote Quote  

  6. Senior Member
    Join Date
    Apr 2014
    Location
    South Florida
    Posts
    857

    Certifications
    CISSP, CISM, CISA, CRISC
    #5
    I believe SAP GRC is an audit tool integrated into SAP ERM systems but i could be wrong.
    Reply With Quote Quote  

  7. Junior Member
    Join Date
    Dec 2015
    Posts
    18

    Certifications
    CISA
    #6
    I have an SAP background, but primarily from Audit, however, I've worked in SAP GRC a bit as well. Also, I just earned my CISA and I'm planning to move toward CISSP next. I'm in the US and outside of the Big 4 advisory groups or consulting firms, trying to find SAP certs can be difficult, so that is the direction I would go if I had that available as the other Certs can be obtained at another time. That said, it all depends.

    So, this greatly depends on what you are currently doing, what you want to move into and where you want to go long term. If your goal is SAP Security Admin/analyst/manager, then GRC 10.1 cert is the way to go. That said, if you want to move more into an audit related role, where you will touch on multiple modules of SAP, then CISA is the way to go. I know that at my company, they have a hard time finding SAP security folks who do not have very specific and particular experience in one module of SAP. Since it sounds like you have already worked in a consulting capacity and have experience with SAP, then going the direction of CISA could be valuable as it would position you to move into IA. This would provide more opportunities to assist on Business process related work.
    Reply With Quote Quote  

+ Reply to Thread

Social Networking & Bookmarks