+ 0 Votes Depends on where you want to go. shuo.lin 6 years ago The most general certification you can get is CISSP. CISA and CISM are more specifically tailored for audit and management professionals. So, if you want to get your foot in the door for IT audit, get CISA. If you are a security professional who wants to show a broad knowledge of information security, get CISSP. If you want to go for information security management positions, get CISM. I have no idea what ENSA is. + 0 Votes Good answer LouCed 6 years ago I wanted to leave IT and go to the green fields of accounting / auditing, so I got the CISA, going for the CIA and CPA next. That way I could leverage my IT experience and not be a total "newbe" in auditing.