+ Reply to Thread
Results 1 to 16 of 16
  1. Junior Member Registered Member
    Join Date
    Mar 2016
    Posts
    4

    Certifications
    Security+, CISM
    #1

    Default Is it worth having both the CISSP and the CISM

    I passed my CISM two years ago, and now I'm studying for the CISSP. Is it worth having both? It almost seems like the same content. How beneficial job hunting wise is it to have both? Who has both and how marketable has it made you?
    Reply With Quote Quote  

  2. SS
  3. Senior Member
    Join Date
    Apr 2015
    Location
    UK
    Posts
    127

    Certifications
    CISSP, CISM
    #2
    Made a big difference for me. I also see lots of job postings asking for both certs.
    Reply With Quote Quote  

  4. Senior Member
    Join Date
    May 2013
    Posts
    1,484

    Certifications
    CISSP, CISA, GWAPT, GSEC
    #3
    Jobs in the U.S. are usually one of the two...but CISSP is seen as the gold standard so it will show up more frequently, where the CISM is a lot less known. I believe there is only like 30,000 CISM worldwide and around 80,000 CISSP in the U.S., which is more a testament of how many people will be familiar with one over the other not necessarily an exclusive club like with a CCIE for example.
    Reply With Quote Quote  

  5. Scruffy-looking nerfherdr tedjames's Avatar
    Join Date
    Jan 2014
    Location
    Surf City, TX
    Posts
    775

    Certifications
    SSCP, Security+, eJPT +4
    #4
    Most people I know earn CISSP first and then earn CISM only if they want to move into management/leadership positions, such as CISO or CIO. It's true that CISSP will open more doors for you.

    A former co-worker earned CISSP and then sat for the CISM exam a few years later without studying. He said there was a lot of crossover.

    If I were in your shoes, I'd pursue CISSP. Having CISSP and CISM together will do you a lot of good, depending on your career goals.
    Reply With Quote Quote  

  6. Senior Member DZA_'s Avatar
    Join Date
    Sep 2017
    Posts
    133

    Certifications
    Look Ma! No Certs!
    #5
    Quote Originally Posted by mattster79 View Post
    Made a big difference for me. I also see lots of job postings asking for both certs.
    I'm literally writing my CISM this Saturday morning. I'm anxious to get it over with!

    Cheers,
    DZA_
    Reply With Quote Quote  

  7. Senior Member
    Join Date
    Apr 2015
    Location
    UK
    Posts
    127

    Certifications
    CISSP, CISM
    #6
    Quote Originally Posted by DZA_ View Post
    I'm literally writing my CISM this Saturday morning. I'm anxious to get it over with!

    Cheers,
    DZA_
    Good luck for tomorrow 👍🍀
    Reply With Quote Quote  

  8. Senior Member
    Join Date
    Mar 2011
    Location
    Chicago
    Posts
    1,388

    Certifications
    CISSP-ISSAP, HCISPP GPEN, GSEC, GSNA, GCIH, E|CH, ECSA, Security+
    #7
    Quote Originally Posted by TechGuru80 View Post
    Jobs in the U.S. are usually one of the two...but CISSP is seen as the gold standard so it will show up more frequently, where the CISM is a lot less known. I believe there is only like 30,000 CISM worldwide and around 80,000 CISSP in the U.S., which is more a testament of how many people will be familiar with one over the other not necessarily an exclusive club like with a CCIE for example.
    ISC(2) recently proclaimed 125,000 certified individuals in the the January/February 2018 Information Security Magazine. I have no clue as to the number of CISMs out there but its hard to argue with the ISC(2)'s marketing and public relations departments.

    - b/eads
    Reply With Quote Quote  

  9. Senior Member
    Join Date
    May 2013
    Posts
    1,484

    Certifications
    CISSP, CISA, GWAPT, GSEC
    #8
    Quote Originally Posted by beads View Post
    ISC(2) recently proclaimed 125,000 certified individuals in the the January/February 2018 Information Security Magazine. I have no clue as to the number of CISMs out there but its hard to argue with the ISC(2)'s marketing and public relations departments.

    - b/eads
    Ah was that 125,000 worldwide or the United States?...I was just looking at ISC2 website so they must not have updated that yet. I am sure some of it has to do with when the certifications were originally released but I've never heard rumblings that CISM will overtake the CISSP at least not anytime soon.

    https://www.isc2.org/About/Member-Counts
    https://www.isaca.org/About-ISACA/Pr...by-Region.aspx
    Reply With Quote Quote  

  10. Junior Member Registered Member
    Join Date
    Mar 2016
    Posts
    4

    Certifications
    Security+, CISM
    #9
    Thank you all for your insight. I guess having one is better than having none, but having both will help me stand out. And yes, CISSP is noticed more than the CISM. I guess I should have gotten it first.
    Reply With Quote Quote  

  11. Junior Member
    Join Date
    Dec 2016
    Posts
    13

    Certifications
    CISSP,CISM,ITIL,Prince 2,CPISI,Security+,CEH,CCIE
    #10
    Good to have both the certifications. especially out side US.
    Reply With Quote Quote  

  12. Junior Member
    Join Date
    Apr 2015
    Posts
    27

    Certifications
    CISSP, SSCP, HCISPP, COBIT 5 Foundation, COBIT 5 Implementation
    #11
    It's good to have both, specifically if in management or leadership roles.
    Reply With Quote Quote  

  13. Member H-bomb's Avatar
    Join Date
    Oct 2015
    Posts
    79

    Certifications
    CASP, CCSK, SSCP, ITIL, Security+
    #12
    Get both! IMO I think passing the CISSP first, gives you a great advantage and foundation of the concepts required to clear the CISM. This is comming from someone who wrote (and passed) both exams in the past 1.5 months.
    Reply With Quote Quote  

  14. Junior Member
    Join Date
    Apr 2015
    Posts
    27

    Certifications
    CISSP, SSCP, HCISPP, COBIT 5 Foundation, COBIT 5 Implementation
    #13
    I completely agree with H-bomb. I took the CISSP first. Then COBIT Foundation and Implementation (the company required COBIT training). I cleared the CISM is less than 1.5 hours. If you can pass the CISSP, you can pass the CISM. But understand governance and risk management.
    Reply With Quote Quote  

  15. Senior Member
    Join Date
    Oct 2017
    Location
    Asia
    Posts
    281

    Certifications
    CISSP, CASP, CRISC, CISA, ISO27001 LA, CISM (application pending)
    #14
    Quote Originally Posted by H-bomb View Post
    Get both! IMO I think passing the CISSP first, gives you a great advantage and foundation of the concepts required to clear the CISM. This is comming from someone who wrote (and passed) both exams in the past 1.5 months.
    I'm currently doing it the other way around. Sat for CISM in December and hoping to sit for (and pass) CISSP in March 2018.
    Reply With Quote Quote  

  16. Member H-bomb's Avatar
    Join Date
    Oct 2015
    Posts
    79

    Certifications
    CASP, CCSK, SSCP, ITIL, Security+
    #15
    You got this!!!
    Reply With Quote Quote  

  17. Member
    Join Date
    May 2017
    Posts
    76

    Certifications
    CISSP
    #16
    I guess it depends a lot on what you want to do. From what I've seen often they ask for CISSP and/or CISM partly because they don't really know the difference and may accept one in lieu of the other. CISSP is harder (from what I've heard) but if you need it I'm sure you can get it.
    Reply With Quote Quote  

+ Reply to Thread

Social Networking & Bookmarks