Hello all. I'm trying to get into the IA arena after I complete my Sec+. I have minimal IA experience and would like to know what you guys think is my best bet for an IA cert. I'd like to either get the SSCP from ISC2 or CISA from ISACA. Looking at IA job descriptions on Department of Defense (DOD) and non-DOD websites, they want either CISSP or CISA. I don't have the experience for CISSP for sure.
I used to be U.S. Army Artillery for 5 years, DOD physical security for 1 year, and I do Retina scans and WSUS patching on a DOD information system daily and for 4 years total. Do you guys think this is enough experience to meet the CISA or SSCP requirements? I don't know what else they could want. I haven't applied at all, I hate being denied. I mentioned the physical security because I've been told I can use 1 year of that towards experience.
CISSPs out there have any help?
+ Reply to Thread
Results 1 to 2 of 2
- Senior Member
- Join Date
- Jun 2008
- Location
- Wichita, Kansas
- Posts
- 225
- Certifications
- CISSP, MCITP:EA, MCSE:S, MCSA:S, ITILv3, Security+, Network+, A+, 2x-MCP, 4x-MCTS
12-28-2009 01:22 PM #1
ISACA CISA OR ISC2 SSCP experience???
- Senior Member
- Join Date
- Jul 2008
- Location
- Los Angeles
- Posts
- 115
12-28-2009 06:25 PM #2Out of those two options (SSCP/CISA) it sounds like your best bet is the SSCP. Unfortunately you don't see too many employers calling out for the SSCP vs the CISA. The CISA does have an experience requirement also. The ISACA CISA page list the experience requirements as:
A minimum of five years of professional information systems auditing, control or security work experience (as described in the CISA job practice areas) is required for certification. Substitutions and waivers of such experience may be obtained as follows:
* A maximum of one year of information systems experience OR one year of financial or operational auditing experience can be substituted for one year of information systems auditing, control or security experience.
* 60 to 120 completed college semester credit hours (the equivalent of an Associate or Bachelor degree) can be substituted for one or two years, respectively, of information systems auditing, control or security experience.
* A bachelor's or master's degree from a university that enforces the ISACA sponsored Model Curricula can be substituted for one year of information systems auditing, control, assurance or security experience. To view a list of these schools, please visit Programs Currently in Alignment with the Model Curriculum for IS Audit and Control. This option cannot be used if three years of experience substitution and educational waiver have already been claimed.
* Two years as a full-time university instructor in a related field (e.g., computer science, accounting, information systems auditing) can be substituted for one year of information systems auditing, control or security experience.
Experience must have been gained within the 10-year period preceding the application date for certification or within five years from the date of initially passing the examination. Retaking and passing the examination will be required if the application for certification is not submitted within five years from the passing date of the examination. All experience must be verified independently with employers.
You might want to contact ISACA directly to get a better idea if your experience will meet the requirement.
Requirements for CISA Certification
Quote
-->
Bookmarks