Certification Magazine - November 2007 - (Page 22)

audit departments often work with a company’s core business units and executive management, having some common ground with audits is a good way to get greater exposure to the businesspeople in your organization. Another benefit is that, although most IT pros are aware of these issues, they don’t understand them in the context of audit and compliance requirements. This can lead to building noncompliant systems, hence, receiving negative audit findings that could have been avoided. Having knowledge of audit requirements and the audit process will help set a context for some of the IT work you perform, whether it’s system design, administration or application development. Additionally, it will bring you closer to the business and help you avoid making mistakes that could result in audit findings on systems for which you’re responsible. SANS offers several audit certifications, including the GIAC Security Audit Essentials (GSAE) and GIAC Systems and Network Auditor (GSNA). SANS certifications have two levels: silver and gold. The former is exam only. Additionally, SANS offers courses that cover all the material for a given certification, but you can take the exam without taking the class if you think you possess the requisite skills. The GSAE and GSNA require two 75-question exams. Upon passing the exam and obtaining the silver certification, you can apply for the gold certification, which requires a white paper that demonstrates a thorough knowledge of the material that extends beyond the course. For example, for an audit certification, you might write a white paper that details the process of performing an audit on a system or device. Further, SANS certifications expire and require retesting to maintain certification. The CSAE and GSNA expire in four years, but if you have the gold certification, another white paper is not required. ISACA offers the Certified Information Systems Auditor (CISA) certification. CISA tests the knowledge and skills required to perform IT system audits. As with SANS, ISACA provides exam-review classes. But like PMP, CISA requires demonstrated work experience. CISA holders do not need to retest, but they must participate in ongoing professional development to maintain the certification. The following are some highlights of the requirements: • Pass the 200-question CISA exam. • Have a minimum of five years IS audit, control or security experience. Substitution is allowed for related experience, formal education and teaching (up to four years). • Agree to a code of conduct. • Complete at least 20 continuing professional education credits annually, 120 in a three-year period. • Pay a certification maintenance fee. The Association of Professionals in Business Management (APBM) Certiﬁcations Often, it’s difficult for IT pros to effectively communicate and build consensus with the businesspeople at their company. This makes the ideal matching of technology to business objectives more difficult. But accomplishing this is important because it’s the businesspeople who hold the financial keys — they can help or hinder your projects or career. Part of the problem is the lack of a common base of knowledge and vocabulary. IT pros might find themselves as bewildered in a financial review as a business operations manager is in a technical troubleshooting session. A business management certification might be the way to bridge this gap and open up some new opportunities. The Association of Professionals in Business Management (APBM) offers two certifications designed to demonstrate your business knowledge: the Certified Business Manager (CBM) and Certified Associate Business Manager (CABM). CBM eligibility requires a bachelor’s degree and four years’ work experience or a master’s degree with three years’ work experience. The CABM doesn’t have any minimum education and work experience requirements. It’s designed for people who do not have formal business training such as a bachelor’s degree in business or a master’s degree in business administration. CBM and CABM test a common body of knowledge for business that is organized into 10 areas: • General management and organization • Operations management • Marketing management • Quality and process management • Human resource management • Accounting • Finance • Information technology • Corporate control and governance • International business APBM offers training materials, preparation guides and a study plan to help you build the knowledge necessary to obtain the CBM or CABM. The APBM requires CBM 22 CERTIFICATION MAGAZINE November 2007

Table of Contents Feed for the Digital Edition of Certification Magazine - November 2007

Certification Magazine - November 2007 Contents Editor's Letter Data Stream Tech Careers Academic Connection Dear Techie Virtual Village Certification Outside Technology Inside Certification The Webmaster: Online Everyman Interface Time Tips: How to Fit Certification into Your Schedule Ad Index Endtag

Certification Magazine - November 2007

For optimal viewing of this digital publication, please enable JavaScript and then refresh the page. If you would like to try to load the digital publication without using Flash Player detection, please click here.