I: CISM International Information Security Manager
CISM (Certified Information Security Manager) is a certification founded by ISACA. It is aimed at the management level, focusing on information security strategy, evaluation systems and policy. Since its launch in 2002, it has been praised by senior information security managers all over the world. To date, more than 28,000 people have received the certificate. CISM focuses on management and is a globally recognized endorsement of an individual's ability to develop, build and manage enterprise information security systems. The maintenance rate of the CISM certificate exceeds 95%.
Other information security certifications focus on a specific technology, operating platform or product, or on the initial years of information security work. Only CISM is for information security managers. Its focus is no longer individual technology or skills, but the information security management of the entire enterprise.
CISM is aimed at individual managers who manage and oversee information security in an enterprise, many of whom may already hold relevant certifications in other fields. Because of the focus on management needs, work experience is relatively important, so CISM requires a minimum of five years of information security management experience, and the content of the exam is also focused on the daily work of information security managers.
[Who CISM is suitable for]
- CIO / Senior IT Manager / Enterprise Information Security Supervisor CSO / Director of Information Center
- Information system audit professionals and IT auditors
- Managers and technicians responsible for information system security management and planning
- Information security industry insiders, IT or security consultants
- Any person who is required to manage, design, supervise or evaluate the security of the organization’s information
- 3-5 years of information security management experience
II: CRISC Risk and Information Systems Control Certification
CRISC (Certified in Risk and Information Systems Control), founded by ISACA, is mainly designed for personnel with experience in IT risk management and in IS control design, implementation, supervision and maintenance. Risk refers to the uncertainty of deviation from the achieved goal. ISACA pointed out in COBIT 5 that all IT risks are business risks. CRISC fully supports risk control of COSO, Basel II / III, GAMP and other enterprises. In 2017, the government opened the Simplified Chinese examination in mainland China.
CRISC is a top global IT professional certification.
CRISC can target IT chief risk officers (CRO) in the financial / banking industry, or similar decision-making roles in other industries (such as oil, medicine, listed companies and multinational groups). CRISC, like CISA / CISM, is certified by the U.S. Department of Defense and relevant standards organizations. According to United States statistics from 2015, the average salary of CRISC holders among IT employees is the highest in the world, with an annual salary of more than USD 120,000.
[Who CRISC is suitable for]
- Information Security Manager, Risk Manager, Control Manager, Compliance Manager
- Other IT risk-related personnel
- CRISC test takers, etc.
- CIO, CSO, risk management, control, compliance supervisor, IT manager, responsible person
Differences between CRISC and CISM
CRISC focuses on risk and strategic-level security, while CISM focuses more on information security management and enforcers.
Both are advanced information security certifications, and both are more suitable for financial industry personnel to take.