Thoughts on the CISSP? It seems kind of scary to me coming from more of an accounting background. Currently in IT audit and would like to get more technical knowledge and maybe transition to something non-SOX and hopefully more cyber. Think the CISSP is worth it for this?

like
Posting as :
works at
You are currently posting as works at

Literally same pretty path as you dude. Came from accounting background on IT audit and looking to transition to take the cissp as well

like

IT auditors/consultants generally perform better than technical ppl on the CISSP. This is because IT auditors are focused more on the broader governance/management of the cyber program, and technical ppl tend to leverage their real-world experience, which may not fit into the “perfect ISC2” world.

CISSP is a management cert more than anything else. The technical stuff isn’t very deep. I personally recommend just diving into the material. The official book is quite dry though especially if you don’t have familiarity with the concepts. I suggest using a variety of sources to learn: book, practice questions, videos, flash cards.

like

just study for 4-5 months and take the exam. Not as hard as technical certification.

Yes the cissp is worth it, it's about the most technical exam you can take that isn't a platform or domain specific cert.

Would you all recommend that I study some concepts in general before studying for the actual exam prior? In terms of technical things

CISSP is not very technical and "cyber" is very vague. Depending on what cyber means to you the CISM or one of many more technical certs (CISA - gov agency - has a list). Also if the main goal is to get out of SOX, CISA (cert) will help you into IA and SOC. And a good prep for CISSP if you still want it.

Thanks! I have the CISA, I have just heard that CISSP is more technical and more for people that are doing other non-SOX work (which is what I do) like PCI, etc. I’m pretty decided on going for it so thanks for the advice

Related Posts

Hi can anyone tell me how is the promotion cycle and performance review in GS ?
Like how many years it can take for 3 year experience Analyst joining laterally to be promoted to Associate in Compliance Division.

like

What is hierarchy level in PWC AC for manager . I heard within Manager grade there are 3 level ?? Which is highest level .

like

Any recs for insightful and well written books on entrepreneurship? Friend is trying to launch his own startup so I’m thinking of sending him a relevant book as part of a thank you gift

like

Has anyone successfully been able to pivot to careers without stepping back after 10+ yrs of implementation work? I’d love you hear your journey and how you went about doing so.

like
like

I’m a newer registered nurse (2 years) and want to get into remote work. I keep getting denied due to lack of experience but to even get the job I have now (case manager) the company knew one of my family members and they gave me a chance to interview because of that. For these remote companies where I don’t have connections how can I transition over?

likehelpful

I was just talking to a younger friend who goes to Cal and It seems like the kids these days hate FAANG or at least Amazon and Facebook are not desired at all. I personally don’t see too many issues working at either Amazon or Facebook because I work at Deloitte where I’m sure we have many questionable clients and worked in financial services before. Curious on whether people are thinking about the ethics of their exit company when deciding to move?

likesmartfunny

I have 8 years of experience, working as UI developer (Angular)
Have 3 offers from Mindtree, Cognizant and Harman Connected services (7.5% variable). Mindtree is offering less as compared to other two.
Please suggest where should I join which would have better learning and work life balance as well

like

Tips to build my brand and network as a junior practitioner navigates their career to the next level at the firm?

like

Trying to transition and looking for a general progression of how you would go from essentially zero to entry level job as quickly as possible?

Currently going through the CS50 course to get a very basic introduction. Trying to avoid going back to school but open to boot camps if the community thinks they're with it.

Thanks in advance!

likesmart

Hi guys I am posting this again I have offer of almost same package from Accenture and IBM . Accenture offering is very slight more but that's not my key consideration. Which company is better in terms of job security, work life balance. That's the top most factor I am considering. Learning and project and latest niche technology is the other important factor after first 2 factors .

like

I have offers from PwC India and EY GDS with same CTC in technology domain. Which one should I choose and why?
The important parameters for me are annual hikes, promotion, work life balance, learning, growth and exit opportunities. Kindly help.

like

Recently made a job switch and have been using a lot more excel. Any free resources to help build a solid foundation / fee based courses to help improve my skills?

like

Looking to do a Mock interview for Microsoft MBA Aspire program! Microsoft

Hi Fishes,

I have been applying to companies for the post of Data scientist / Data Analyst for a while now, but I am not going past the screening process.

I am from the cyber security domain and intend to pursue a career in data science

Need some input from an experienced data scientist on my profile to know what is missing from my profile.

Please reply back and I will DM my profile details to you.

like

Bain & Company Atlanta people! I’m in the process of applying for MBA programs and wanted to ask what recruiting is like for MBB from Emorys program? Is there a reasonable shot at getting into the Atlanta office from Emory, or are those openings primarily filled by other schools (Duke, UVA, etc.)

Boston Consulting Group
McKinsey & Company
Bain & Company

like

Want to switch from graphic design (mostly doing print, some digital) to UX/UI. Some advice, tips on how to make a transition? Classes, videos, books, interning? How to find first projects? Thanks.

likeuplifting

Any KPMG associates who can share org levels. I heard Sr Manger at Accenture, Deloitte is equal to Director at KPMG. Is is true? can some one share insights

My dream job just landed in my inbox. What did you want to be when you grew up?

Post Photo
likeuplifting

More Posts

What percent do you think big law firms collect on large class action lawsuits? On average, assuming it is all on a contingency basis.

like

Hi Fishes,

Anyone from Commodities and Global Markets team? I have an offer from the same would like to know how is the Work like balance and overall team?

Any leads will be helpful.
Thanks in advance

like

The pandemic, mental health issues, and financial stress caused my work to suffer. What do I do?

like
like

I've recently went to a restaurant and saw a robot waiter, I thought that was the coolest thing. What do you all feel about this shift in the restaurant industry?

like

Looking for a pair of stylish but comfortable shoes for the weekend grind. What do you guys wear?

like

I've asked. It's official. You can be the writer on a script and not be allowed past that point due to hierarchy. How do you leverage this for some give and take then? If I am the writer and all...

like

PwC India Hi fishes, Can someone refer me for this position-
Associate - Corporate and Business Strategy - Strategy Consulting?
PwC India PwC

like

Anyone pack their lunch and if so what do you pack??

like

Dinner compensation allocation by firm

Post Photo
likefunny

I was wondering if the review course “CPE Self Study Course” for the CFF was enough preparation to study and pass the CFF exam. The CFE review course was enough and like if you get a question wrong it explains it well so that when it comes up in a different way in the real exam you can still get it. But when I saw the outline for the CFF material and there seems to be a lot of topics so I was wondering if the review course was sufficient considering this exam is also multiple choice. Thanks!

like

Who wants to be a millionaire?

likefunny

I'm an EMR implementation specialist looking to transition into consulting. Does anyone know of any opportunities where this kind of experience would be useful? Thank you for your help in advance!

like

Has anyone transitioned from litigation to corporate counsel/contracts type work? If so, how’d you like the change?

like

I accepted a new job, they said PTO was “generous.” I find out it’s 19 days a year of PTO (which includes sick days). I have two young children and we like to vacation 1-2x a year (no more than a few days away each time). Am I crazy that this is pretty limited time off? 8 of the normal holidays off during the year (working the week between Christmas and NYE). Thoughts? I dont know if lack of PTO is a good reason to back out, is it?

like

What happens to your shares if you are partially, or not even 1 yr vested at a pre-IPO company and the company goes public? When you continue on your vesting schedule, what price do you purchase your vested shares at?

like

Full disclosure, I didn’t read past the first sentence.

Post Photo
funnylike

Could anyone share what the average salary is for mangers and senior managers with in Big Four audit and advisory

like

I'm feeling overwhelmed by my workload, but I don't want to ask for help because I fear looking like I'm unqualified to do the job. What should I do?

like

Anyone have tips on writing a cover letter without referring to anything in the resume?

like

Additional Posts in Risk Assurance

How does IT SOX audit in industry usually do during recessions?

likehelpful

London, Dublin, Luxembourg, Munich. Choose a place to move to from NYC. Fuck H1B.

Can you recommend any resources to gather data on risk ratings etc for benchmarking? Particularly interested in sector breakdowns and publicly available sources are scarce. Thank you!

like

Are the exit opportunities better in Internal Audit/Business Process than IT Audit? All I hear is how awful IT Audit is but don’t hear as much complaining from the business side

like

I'm a Tech Risk SC, but have an accounting/finance background. I'm doing the FRM now for broader cert experience, is it worth doing CA long term in my area?

How is IT audit at Baker Tilly? Looking to change from a big 4.

like

Mid year promotions, I found out you need to make your own case for it rather than the firm coming to you. If you think you’re ready make sure you speak up!

Should I take this offer in a second line role with similar bad WLB as public? Current salary: 155k base, 8k annual bonus (7YOE):

Offer:
170 base
17k sign on
25,500 (15% annual bonus)
28k annual RSUs (vest quarterly)

like

What exit ops are there outside of testing controls all day? Getting tired of this. Resume is ready

likefunny

Any strong performing seniors looking for a pay increase and potential fast track to manager? Reach out to me. Expanding the team and would love to bring in some new talent.

like

Crowe is hiring for quite a few positions across the US (Internal Audit, IT controls and cyber/digital security, Compliance,etc)… I’m a manager and would think some of these niche areas have great opportunity for new folks to excel rather quickly. Great flexibility and mobility policies. I’d be happy to chat if interested and get you directly in touch with the right people internally.

likefunny

What is the RA team at EY called? And how are your hours? Busy season?

like

Does Deloitte and PWC has a dedicated app sec pen-test team? What percent of the time do you travel? Do you guys work from home or need relocation to any place in US?

like

Risk fishes I’ve got an question. Would it be really beneficial to do MBA as a Risk consultant and would it be an enabler for me to step up towards being a partner in the big4?

like

If anyone is looking for a referral as an experienced hire to the PwC DAT (Digital Assurance & Transparency - formerly Risk Assurance) practice let me know and would be happy to refer you. We are actively looking to hire.

like

How do you continue to improve yourself after putting in 50-70 hrs of work a week?

Is KPMG, EY and PWC considerate about one not wanting to travel and chosing local projects in the IT Assurance practice? Please share your experiences. Thanks!

I lead our SOC practice for a US mid tier cpa/consulting firm. I've been losing a lot of deals due to lower cost / boutique vendors who are partnered with these SOC automation platforms (Vanta, Laika, etc.). Have any of you used these tools for the audit and what has your experience been like? Thanks

like
like

New to Fishbowl?

Download the Fishbowl app to
unlock all discussions on Fishbowl.
That was just a preview…
Sign Up to see all discussions
  • Discover what it’s like to work at companies from real professionals
  • Get candid advice from people in your field in a safe space
  • Chat and network with other professionals in your field
Sign up in seconds to unlock all discussions on Fishbowl.

Already a user?
Login here

Share

Embed this post

Copy and paste embed code on your site

Preview

Download the
Fishbowl app

See what’s happening in your industry
from the palm of your hand.

A phone with Fishbowl app

Scan your QR code to download
Fishbowl app on your mobile

Download app

Sign up for free to view this conversation on Fishbowl

By continuing you agree to Terms of Use and Privacy Policy

Already have an account? Log in

Sign up for free to continue using Fishbowl

By continuing you agree to Terms of Use(New) and Privacy Policy(New)
Messaging rates may apply

Already have an account? Log in

For account settings, visit Fishbowl on Desktop Browser or

General

Legal