We recently underwent a Data Safeguard Audit and I was able to use this an an excuse to kick of a body of work to review the entire security for our organisation. In the end, we did pass the audit but not after some seriously hard graft by implementing an ISMS according to the Gospel of ISO27001.
On the back of this I've convinced the powers that be to fund my (remote) attendance at a CISSP review and exam prep course (of course no funds available for transport or accommodation). The course is less than £1,000 which is either great value or I'll get what we've paid for (I do hope it's the former).
SO... I thought I'd share my experience of attempting to gain the CISSP qualification. I've been told it's not easy and requires some serious commitment - along with the stringent background checks to make sure you have your 5 years experience in IT security.
I plan to read the Shon Harris CISSP Exam Guide (4th Ed.) and possibly the Official Guide to CISSP CBK(4th Ed.) over the coming weeks; (remotely) attend the CISSP Certification Exam prep course; create flash cards and post-its for all facts I'm not 100% on; download some study MP3s for the car and mobile; videos for my lunch breaks, evenings and weekends; and attend a CISSP study group once a week for 2 hours. All this without sacrificing too much of my social life?! I guess that will have to wait to be seen...
I'll keep the updates coming over the next few months - I am aiming to complete the exam within 3 months from now, so beginning of October if all goes to plan. I'll keep it to my personal experience - what works for me, what doesn't work, good resources, bad resources, etc., and feel free to let me know of any tips, tricks or useful links in the comments!
No comments:
Post a Comment