This is a question that arises in the minds of many information security and business analysis professionals. Both IIBA CCA and ISO 27001 deal with information security. So, which one should you pursue?
I am among the very few BA professionals who have done both certifications. I consulted with more than 10 clients to implement ISO 27001 in their organizations, and it was indeed a great learning process. I thoroughly enjoyed my ISO 27001 Lead Auditor training.
Similarly, I took the IIBA CCA certification a few months back and was again pleasantly surprised by the new aspects that I learnt as part of my CCA preparation process.
Let's compare the two certifications below.
IIBA CCA Domains:
Cybersecurity Overview and Basic Concepts
Cybersecurity Risks and Controls
Securing the Layers
User Access Control

ISO 27001 Domains:
Information security policies
Organization of information security
Human resource security
Physical and environmental security
System acquisition, development and maintenance
Information security incident management
Information security aspects of business continuity management