Computer security is becoming more important day by day because of our exponentially growing dependence on information technology. Institutional education does not cover how to handle information security risk effectively in real-world scenarios, which is why there are many information security certification courses. Among them, the most prestigious and recognized are CISSP and CISA.
To become a CISSP you need four years of experience in information security or a similar field. CISSP (Certified Information Systems Security Professional) offers specialization in, and a sound understanding of, ten domains of information security:
- Access control for information systems.
- Telecom network security.
- Information security management.
- Information security models and architecture.
- Operational security.
- Business continuity plan and disaster recovery plan.
- Security laws, investigations and ethics.
- Physical security.
CISSP basically emphasizes the concepts and vulnerability aspects of security, whereas the CISA (Certified Information Systems Auditor) exam stresses the auditing aspects of information security. CISA is simply the best security auditing certification in the world in recent times, and it focuses on IS auditing and audit processes, IT governance, networking technology, protection of information assets, life cycle management, DRP (disaster recovery process), and risk assessment. The average salary of a CISSP in the USA is 70,000 USD. On the other hand, CISSP is all about which vulnerabilities to look for and how to find them in an information system. In a much broader sense, CISA is about audit processes and CISSP is all about audit procedures.