Certified Systems Security Professional – CISSP

CISSP certification is the ideal credential for those with deep technical and directive competence, skills, experience and credibility to build and maintain security programs that protect organizations against increasingly sophisticated attacks. The CISSP uses a complete and updated global set of knowledge that guarantees the security leaders a deep understanding of the new threats, technologies, regulations, norms and practices.

Objectives:

• To Differentiate yourself from other candidates for desirable jobs in the growing information security market.
• To affirm their commitment to the field and continued relevance through continuing professional education and understanding of the best latest practices.
• To access valuable career resources, such as a network of contacts and exchanging ideas with pairs.

Pre-requisites:

For CISSP® certification candidates must have a minimum of five cumulative years of full-time paid professional work experience in two or more of the eight CBK®CISSP (ISC)2® domains, or four cumulative years of full-time paid professional work experience in two or more of the eight CBK CISSP domains plus a bachelor’s degree.

If you do not have the necessary experience, you can still take the exam and become an Associate of (ISC)2 until you get the necessary experience.

Visit www.isc2.org/associate to learn more.

Certified Information Security Manager – CISM

ISACA certifications are accepted and recognized worldwide. They combine the achievement of passing an exam with credit for your work and educational experience, which gives you the credibility you need to advance your career. The certification demonstrates to employers that you have what it takes to add value to their business. In fact, many organizations and government agencies around the world require or recognize ISACA certifications.

Objectives:

• To identify critical issues and customize specific company practices to support information governance and related technologies.
• To give credibility to the company you are employed.
• To take a complete view of information security systems management and its relationship to organizational success.
• To Demonstrate business customers your commitment to compliance, safety and integrity; ultimately contributing to customer attraction and retention.
• Ensure that there is improved alignment between the organization’s information security program and its broader goals and objectives.
• To provide the company a certification for information security management that is recognized by clients and multinational companies, giving the company credibility.

Pre-requisites:

Evidence of a minimum of five years of information security work experience must be provided, with a minimum of three years of information security management experience in three or more areas of work practice analysis (Work experience must be obtained within the 10-year period preceding the date of application for certification).

Experience Alternatives

The following certifications related to security and information systems management experience can be used to satisfy the indicated amount of information security work experience.

Two Years:

• Certified Information Systems Auditor (CISA).
• Certified Information Systems Security Professional (CISSP).
• Graduate degree in information security or a related field (e.g. business administration, information systems, information assurance).

A year:

• A full year of information systems management experience.
• A full year of general security management experience.
• Skills-based security certifications (e.g., SANS Global Information Assurance Certification (GIAC), Microsoft Certified Systems Engineer (MCSE), CompTIA Security +, Disaster Recovery Institute Certified Business Continuity Professional (CBCP), ESL IT Security Manager).
• Completion of an information security management program in an institution aligned with the Model Curriculum.
• Experience replacements will not satisfy any part of the 3-year information security management work experience requirement.

Exceptions:

Two years as a full-time college instructor teaching information security management can be substituted for every 1 year of information security experience.

Once a CISM candidate has passed the CISM certification exam and has met the work experience requirements, the final step is to complete the Application for CISM Certification found at isaca.org/CISMApp .