>I'd like to hear the comments. ... What do others think wrt the security
> qualifications of the CISA?
>
I have mixed feelings about CISA. I sat the exam in '88 when I was getting
into IT auditing, and passed with no study, as you'd expect for somebody who
was already a practitioner. As a professional qualification, I don't think
it has much value in Australia. I've moved once into another audit role,
and then into two subsequent security roles. In neither case did the CISA
have any impact on my getting the jobs. Since then I've been involved in
briefing CISA candidates for the security module, and found that the body of
knowledge was not leading edge, to say the least. So I think it
demonstrates some knowledge, but really only the elementary introductory
stuff. I might expect an experienced practictioner of IT audit or security
to have it, but a substantial body of knowledge/experience is worth far
more.
-
[To unsubscribe, send mail to [EMAIL PROTECTED] with
"unsubscribe firewalls" in the body of the message.]
