Has anyone done the CISM certification? If so, I'd like to know how difficult it was for you to obtain with a beginner IT background?
Sort by:
I obtained the CISM about three years after completing my CISSP. I would say the CISM is not really a certification for someone with a beginner IT background. It's meant to show that you have the skills and management acumen to be a manager of an IT security team, and I think you can't do that very well without a solid IT background.
I will say that if you pass the CISM, you should take the CRISC soon after. There's a ton of overlap between the two certs.
I obtained my CISM while enrolled in my MBA program and spent a month preparing. It focuses more on general security practices and strategic planning as it relates to security. I come from a background of IT and Security, so it was not as difficult. If you study the principles and take advantage of practice test, you should be fine.
With a good Cyber background, a few weeks of study should prepare you for the test. Use the practice tests a few times and you will be good.