|
 Paul Kirvan offers some thoughts.
One of the interesting aspects of business continuity management is that it is a key component of two major professional accreditations: CISA (Certified Information Systems Auditor) and CISSP (Certified Information Systems Security Professional). By contrast, leading BCM certifications (such as those offered by the BCI and DRII) do not address information security at all and auditing only in passing (e.g., as noted in BS 25999 Part 2, Section 5.1).
Having made that curious observation, I've been increasingly concerned about business continuity management as a long-term career. In some areas, such as the UK, BCM is well regarded and is growing in acceptance (and job opportunities). In the US, the business continuity profession continues to struggle with acceptance in the private sector. Recognition within the public sector appears somewhat better. As someone who is within reach of retirement - but not financially ‘set’ for same - I need to think very carefully about my future as a BCM professional. In the US, at least, my perception is that the future is not very bright. What options are available that could increase my long-term employment prospects? And without discarding my 20+ years in the business continuity space? Several years ago while working for an information security firm, I acquired the CISSP designation. A fairly good start. What I've discovered since losing my last full-time job about two years ago is that the audit profession - and IT audit in particular - is in demand. Lots of jobs available in the New York City metropolitan area. But the minimum price of entry is the CISA.
So I decided that earning a CISA would be a worthwhile goal. After failing the first exam last year, I passed the second try, secured my references, submitted the application and was awarded the CISA early in September. What I now have - based on a lot of research - appears to be the ideal one-two combination for success in the next 10-15 years. This is a critical time frame for me (and probably many of my colleagues).
While I haven't secured an audit position yet, and am currently busy with a business continuity client, it's now time to begin assessing how the CISA/CISSP combination improves my competitiveness in a very difficult US job market. I'm hoping that it will improve my opportunities within the BCM space, as well as open doors in the audit space.
What does all this mean to those of you in the business continuity profession who are wondering about your futures? (And this is especially true for those of you who have been unable to find employment in BCM - since losing your last business continuity job!) Consider pursuing the CISA and, if possible, the CISSP designations. The two together seem to be an unbeatable combination, based on my research. And even if you are concerned about competing with younger people - as I am - for decent opportunities, I believe the two designations will level the playing field.
Along with securing the above credentials, get involved with the organizations that support them: ISC(2) for CISSP and ISACA for CISA. Networking is key to getting your next job, and participating in these organizations - both of which are global and have tens of thousands of members, as compared to business continuity management associations - could help you make valuable contacts.
While I don't plan to turn my back on the BCM profession, I do realize that - at least in the US - the long-term prospects for the profession are not as strong as IT auditing and information security. After carefully examining both professions I've decided that auditing makes better sense for me. And remember that BCM is a component - under-appreciated and under-exploited - of both the CISA and CISSP. As business continuity professionals, you could make a mark in these new domains by leveraging your BCM expertise. That's what I plan to do.
Author: Paul Kirvan is an independent business continuity consultant who recently received the CISA designation. He is a member of the Board of the Business Continuity Institute. pkirvan@msn.com
This article represents the authors personal views and does not necessarily represent the view of the BCI.
•Date: 29th Sept 2009• Region: US/World •Type: Article •Topic: BC general
Rate this article or make a comment - click here |
