I have known a few people with the the Certified Information Security Manager – CISM certification. Â I don’t think it holds as much weight that the CISSP, but then again I am biased. Â The industries that I have worked in (federal) give CISSP a pretty high level of trust for general security management type work. Â But I have heard that the financial world (banks, investment firms) give more weight to CISA and CISM.
The CISA (certified Information system auditor) and CISM are closely related and kind of cut from the same cloth. Â They are both from ISACA. Â Since both the CISM certification and CISA are on the DoD’s approved list of certifications, its a pretty valuable certification.
I noticed that those with security manager aspirations go for the CISM. Â Its a well respected certification and is often put on the same level as the CISSP for high level security positions.