Just received email from ISC2 Member support about the acceptance of the endorsement and award the ISSMP Concentration Designation on 13 Jan 2020.
Just share the timeline a bit, just in case any of you are in the queue/middle for endorsement review.
I took the exam on 25th Nov 2019.
Submitted the endorsement on 27th Nov 2019, got the result today.
So it's still within the end of week 6 timeline to get the result of review and mark an end for this "waiting" process (for now until the next certification).
Patience is virtue and this is worth waiting for.
@KaityEagle Thanks for your prompt reply on my certification enquiry.
Basically i am taking CISM and ISSMP at the same time last year, one day apart with the each other, ISSMP first and followed by CISM the next day. There are a lot of overlapping areas/domains between these 2 exams.
I took last couple of days before the exams and performing very intensive exercise over the Official CISM QAE from isaca, going through 800-900 QAE (i did not complete all of them, all is about 1,000+) and also study Official (ISC)² Guide to the ISSMP CBK, Second Edition, focusing on Domain 4 and Domain 5 which is not fully covered in CISM domain or unique to ISSMP.
The key point is not to remember the question and answer, but as a mental exercise to think if you were in that situation, why you should take this approach but not the other choice and understanding what's wrong (or not the best) with the other choices.
Everyone has their unique knowledge and experience, but what work for me, may not work for the others.
Overall, i think ISSMP is not difficult (to me), comparing with the other exams that i had (CISSP, CCSP or ISSAP), where i have spent much time in preparing those.
The ISSMP overlaps the CISSP, but simply goes into more depth and expects that you've read the references at the end of each CBK. Strangely, I found it more of a practitioners exam, as you'll find you've read at lot of those references during your generally IT and InfoSec work over the years.
Yes, I do agree there are overlaps with CISSP, as the title describes, it's a concentration within CISSP and expected more in depth focusing on the security management perspective. (where ISSAP focus more on infrastructure, application, design, SDLC and cloud related)
Rather than going to chapter by chapter and reference by reference, i went through official sample test (eg. CISM) and got around 70% correct without reading any study guide or reference, therefore my approach for ISSMP is focusing on the areas which I am not certain and refresh (or clear out) those.
Honestly work experience in general IT, infoSec and mangerial experience over the last decade definitely help for me.