CISM is still very convincing in the industry. It shows that you have a certain grasp of the basic knowledge of information security. Like all certifications, it is an affirmation of your knowledge, useful for job hunting, bidding, and trumpeting your accomplishments.
CISA: International Registered Information System Auditor
CISA (Certified Information System Auditor) has been registered by the International Association for Information Systems Auditing and Control (ISACA) since 1978. It has become a symbol of the licensee’s achievement in the professional fields of information systems audit, control and security, and has gradually developed into a globally recognized standard. CISA certified auditors in China are playing an important role in the field of information security and control, and information system audit is increasingly recognized by domestic enterprises. As of April 2008, 47 145 people have been certified worldwide, and only 666 people have been certified in mainland China. There are also considerable professional and personal benefits.
The learning objects:
- Information system audit consultant
- Traditional audit professionals
- Internal employees in charge of information system audit
- Personnel in charge of information system security management and planning within the enterprise
- IT manager, information security manager
- CISA candidates
CISSP: International Registered Information System Security Specialist
CISSP is a certification that reflects the level of qualification of information system security practitioners. It provides new opportunities and greater convenience for those who work in the field of information security to enhance their professional qualifications. The CISSP certification examination is organized and administered by (ISC)2. Persons participating in the CISSP certification are required to comply with the Code of Ethics of CISSP and to have at least 5 years of direct work experience in at least 2 out of 10 areas of the General Knowledge Framework for Information Systems Security (CBK).
Both are international certifications, in English. CISA has exams in both Chinese and English, while CISSP has exams in English only. CISSP is relatively difficult and difficult to take. If you have to distinguish between the superior, CISSP is superior. CISA partial audit, but CISSP is the international most authoritative, the most recognized information security certification, is the first through the ISO17024:2003 standard certification. Its certification object is mainly: enterprise senior level or senior security engineers of information security experts.
Certified Information Security Member, CISM, qualification for the enterprise information security, information security consulting services, information security assessment certification body (including authorization evaluation institutions), social organizations, groups, universities and colleges, enterprises and institutions related to information system application (network), construction, operation and management of technical department (including the standardization department) of personnel engaged in the work of information security. Obtaining this registration qualification indicates that one has the information security personnel qualification and ability and is qualified by the Chinese information security product evaluation and certification center implementation of the national certification.