Hi,

I am considering taking the BCS ISEB Certificate in Information Security Management Principles (CISMP) as this seems to be the only security cert that relates directly to ISO 27001. I have already completed vendor certs like CCSE+, JNCIS-FWV and Security+ but all these seem biased towards US IT Security Legislation.

It seems a bit wateful as I guess this is about the same level as my Security+, certainly the sample 20 questions seemed very straight forward, but I cannot see any other way to train on ISO 27001 other than the BSI Auditors Exam.

Does anyone here have any experience of these qualifications and could they provide a little guidance.

Thanks

Garnet

Jamie - not so fast, plenty of us UK folk active or lurking in EH-Net.

Garnet, afraid I don't have any experience of the ISEB qualifications so can't provide any insight there, but if you're looking training directly relevant it 27001, take a look at SANS' offering MGT411. Admittedly I've not taken this either, but I've been looking down a similar path and this is currently my preferred option.

On another note since there are more UK peeps here if you in the midlands you may want pop along to https://www.owasp.org/index.php/East_Midlands

One last thing, a useful little link:

http://www.computerweekly.com/feature/IT-qualifications-security-credentialshttp://

Hi,

I think CISM is probably the best known as it has been around the longest. However, ISEB is an Internationally renowned certificate offering which comes from the British Computer Society in parnership with NCS.

Foundation level equates to AMBCS level while the practitioner level equates to MBCS (Honours Degree Level). CISSP is similar to practitioner level but is multiple choice multiple answer not essay based like ISEB.

For me CISSP is like Security+ but longer, a mile wide and an inch thick I have heard said. ISEB is more job focused.

Regards,

Garnt