Ask the Expert

I'd like to enter the information security management field. What cert programs should I focus on?

I am a management graduate with three years of experience. I would like to get into the information security management field and eventually become a consultant in information security (as well as audit information security management systems). What should I be doing to get into this field and what are the courses I should be targeting? What is the scope of this field in today's market?

Requires Free Membership to View

Given your interests, you should look into both of the major offerings from the ISACA certification program -- namely the CISA (Certified Information Systems Auditor) and the CISM (Certified Information Security Manager) credentials.

Anyone who wants to do IT auditing will benefit from the CISA, and as long as you're going to be involved with that organization anyway, it makes sense to pursue your InfoSec credential there as well (which should qualify you for various discounts on training and membership, if memory serves correctly). The ISACA also offers pointers to quality training in these subjects, and will help you identify what you must know and be able to do to earn these certifications.

Best of luck in your studies and on your exams.

This was first published in June 2007

There are Comments. Add yours.

TIP: Want to include a code block in your comment? Use <pre> or <code> tags around the desired text. Ex: <code>insert code</code>

REGISTER or login:

Forgot Password?
By submitting you agree to receive email from TechTarget and its partners. If you reside outside of the United States, you consent to having your personal data transferred to and processed in the United States. Privacy
Sort by: OldestNewest

Forgot Password?

No problem! Submit your e-mail address below. We'll send you an email containing your password.

Your password has been sent to: