Why Certification Matters
Information Security certifications quantifiably demonstrate information security, risk, and/or privacy proficiency and are a complement to technical acumen and direct experience.
Every CISO Cyber Advantage consultant has one or more of the certificates below or is overseen by a Principle CISO who has the relevant certificates and experience.
C|CISO’s have executive-level skills in developing and executing an information security management strategy in alignment with organizational goals. C|CISO‘s understand that their information security decisions often have a direct impact on their organization’s operational cost, efficiency, and agility.
REQUIREMENTS | To earn a CISSP, the candidate must pass a two and a half hour test and have at least five years of work experience in all five of the CCISO domains. The CCISO domains include Governance, IS Management Controls and Auditing Management, Leadership, Information Security Core Competencies, and Strategic Planning and Finance.
CISSP’s possess the skills necessary to design, architect, implement, control and maintain cybersecurity programs for their organization.
REQUIREMENTS | To earn a CISSP, the candidate must pass a six hour test and have at least five years of paid work experience in at least two of the eight CISSP Common Body of Knowledge (CBK) domains and be endorsed by an (ISC)2 professional.
CRISC‘s possess the knowledge and expertise to help companies understand business risk and to implement an appropriate information system (IS) controls.
REQUIREMENTS | To earn a CISM, the candidate must pass a four-hour test that validates a candidate’s skill and knowledge in the fields of IT Risk Identification, Risk Assessment, Risk Response, and Mitigation, Risk and Control Monitoring and Reporting. The candidate must have a minimum of three years of experience working in information security program management.’
CISA‘s possess the skills to assess, control, audit, and perform ongoing monitoring of an enterprise’s IT business systems.
REQUIREMENTS | To earn a CISA, the candidate must pass a four hour test that validates a candidate’s skill and knowledge in the fields of information systems auditing, control, assurance or security. The candidate must have a minimum of five years of experience working in information systems auditing, control, assurance or security.
CISM‘s demonstrate skills needed for information security managers who assess, design, manage and oversee information security environments on an enterprise level.
REQUIREMENTS | To earn a CISM, the candidate must pass a four-hour test that validates a candidate’s skill and knowledge across four domains; Information Security Governance, Information Risk Management, Information Security Program Development & Management, and Information Security Incident Management. The candidate must have a minimum of five years of experience working in information security.
