I took both and found them to be rather different. CISA is focused
more on auditing the policies, processes and conformance with
industry practices. It does not really go into technical details.
CISSP is certainly more technical and gives a broader but still
superficial grasp of security concepts and technologies.

In terms of studying for them, I found CISA to be more abstract,
requiring a 'higher level' approach to issues. CISSP's sheer scope
means that there is a lot of ground to cover...more than CISA
actually.

Both however has certainly helped to increase my scope of thinking
and understanding the considerations when assessing security
solutions.

My advice: CISA is held only once a year in June (4 hr paper). Take
it first. Then proceed to the CISSP (6 hrs!). Good luck!

______________________________________________________________
For the latest news, go to http://www.asia1.com

• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]