The CISSP is a security certification. IT is very broad and probably is
geared more towards the manager in security, CISO, etc. It has become a
very widely used standard in job requirements for security positions.
The CISA is strictly an auditing certification is only needed if you are going to
be an IS Auditor. No one else looks for this or requires it.
BOTH certification require a certain number of years either in IS security
or as an auditor before you can receive the designation. To get the CISA
you have to have been doing auditing for a minimum of 3 years (education can
then make up the other 2 years of the 5 required). This one actually
requires a sign off from your current or past employers to prove that you
have been auditing. The CISSP requires that your cert app (after exam) be
signed off by another CISSP who can verify your experience.
The exams for both of tough, but nothing that cant be passed with
Again, only do the CISA is you have been an auditor and will be auditing.
The CISSP goes across more jobs.
Hope that helps!