I have a question for you. I am looking for a certification in Information Security that should be a correct path for my career after 9+ years of experience in ITIL, ITSM, Compliance, ISO 9000, ISO 27001, Project Management, Application Design and Testing. Now I want to give my career a road toward becoming an Information Security Professional. I was already looking at some courses like CISSP, CISM, etc. However, that's confusing me now. I am looking forward to your advice and suggestions that would serve as my guidance in achieving my professional goal.
From my point of view, if you already have knowledge and experience of ISO 27001, the next step can be a qualification like CISA, or ISO 27001 Lead Auditor certification. Generally, CISSP is more focussed on technical issues, CISA is developed for IT auditors, and CISM is developed for IT security managers. This article can be interesting for you: “CISA vs. ISO 27001 Lead Auditor certification”: https://advisera.com/27001academy/blog/2015/05/11/cisa-vs-iso-27001-lead-auditor-certification/