Congratulations and welcome to the certification hog club and I mean that in the most affectionate way possible! I hope that you have a supportive employer because the time and dollar commitment to maintaining multiple certifications cannot be understated.
Both the ISSMP and the CISM have lots to offer and they even have some overlap, but the real hard question to ask yourself and the certifying organizations is whether or not there is real growth with the certification. That will give you a hint at its trajectory. Consider membership counts and marketing visibility - that's what drives community and professional engagement.
@JackSussmilch I would say that the CISM tries to compete the they CISSP. I have known people who have tried and failed the CISM, and I know why! The two certifications come from very different mindset. I believe the CISSP comes from a best practices mindset, where as the CISM comes from a what's best for management mindset. If you try to take the CISM with a best practices mindset you will not be happy with the outcome.
While I have not looked into the ISSMP concentration I would expect that it would go into deeper knowledge than what is covered with the CISSP.
I was offered to be grand fathered into the CISM when it first came out and declined. My main reasons where that I already have the CISSP and I did not want to have to bother with tracking CPEs and paying fees for a certification I felt was not as good as what I already had. With resent changes the ISC2 has combines fees for certification so one fee covers all that you have with them, which I like, and CPEs can be applied to multiple certifications as long as they apply.
If I have missed the mark with any of this I hope others will step up and correct me,
But that's my .02
Having lived through the dark ages of paying individual certification fees I seemed to have forgotten how good we now have it with (ISC)2. The Board Member that dreamed up combined fees really needs to get a medal of honor! I won't get into the rollout which was a little bit of a roller-coaster!
Now, in terms of mindset @JKWiniger is spot on, in fact that premise applies to the entire catalog of ISACA certifications - I know because I passed and certified all of their credentials. Does having the CISM matter? Its not like the classic "wine pairing" that we used to do i.e., start with the CISSP then add on the CISA, etc. In today's world, especially in defense, you need to layer on technical skill. Whether that is program management with the PMP or other "offensive security" type certifications that will differentiate you.
"You take the blue pill, the story ends, you wake up in your bed and believe whatever you want to believe. You take the red pill, you stay in wonderland, and I show you how deep the rabbit hole goes. Remember: all I'm offering is the truth. Nothing more."
Which will it be?
Thank you JK,
That perfectly summarises what I have read regarding the CISSP and CISM and it makes perfect sense.
Definitely it makes more sense for me to keep this raft of certifications under the one roof, or so to speak.
I wonder what people who have obtained the ISSMP have to say. For me, I am most interested in the content - the visibility of the certification comes secondary to that to some extent.
"Candidates can register for the (ISC)² online proctoring pilot test beginning today. Online examinations for the CAP, CCSP, CSSLP, HCISPP, CISSP-ISSAP, CISSP-ISSEP, CISSP-ISSMP and SSCP certifications will be administered February 15, 2021 – February 21, 2021. Online CISSP examinations will be administered February 22, 2021 – February 28, 2021."