My question regards CISM certification compared to the CISSP certification. Although the CISM is relatively new, I would appreciate it very much if you can update your views about it, especially as the CISSP certification seemed to upgrade its prerequisites towards becoming nearer to those of the CISM.
Alas, because the CISM exam has only been given once (earlier this summer), and haven't yet heard any reliable reports from those who sat for this first go-round, I don't yet have much to add on this credential to my original opinions. Also, ISACA (the parent organization) hasn't yet published info about how many takers sat, how many people passed, and so forth.
Thanks for reminding me that this exam has come and gone. I'll make a point of looking into it further and of reporting on it in the next month or two -- hopefully with more information than is available to me right now. Visit http://www.isaca-london.org/cism.htm for the latest info on the program from ISACA itself, and you'll see what I mean.
For more info on this topic, please visit these SearchSecurity.com resources:
- Careers and certification tips: Vendor-neutral certification update, spring 200
- Ask the Expert: Learning more about online infosec degrees
This was first published in August 2003