CISSP Exam
The CISSP Certification Background
The need for professionalism was a serious topic among computer security practitioners for many years.
Professionalism was viewed as the way to upgrade this often ill-defined and poorly understood craft to that of a recognized and disciplined profession. By the mid-1980s, a number of professional societies in North America concluded that a certification process attesting to the qualifications of information security personnel, would enhance the credibility of the computer security profession. Through the societies' cooperative efforts, the International Information Systems Security Certification Consortium, or (ISC)² , was established in mid-1989 as an independent, nonprofit corporation whose sole charter is to develop and administer a certification program for information security practitioners. Now firmly established in North America, the program is quickly gaining international acceptance.The CISSP Examination
The eligibility requirements to sit for the CISSP examination are completely separate from the eligibility requirements necessary to be certified as a CISSP.
The CISSP Examination Structure
The CISSP Certification examination consists of 250 multiple-choice questions. Candidates have up to 6 hours to complete the examination. Ten CISSP information systems security test domains are covered in the examination pertaining to the Common Body of Knowledge:
- Access Control Systems & Methodology
- Applications & Systems Development
- Business Continuity Planning
- Cryptography
- Law, Investigation & Ethics
- Operations Security
- Physical Security
- Security Architecture & Models
- Security Management Practices
- Telecommunications, Network & Internet Security
To sit for the CISSP examination, a candidate must:
The eligibility requirements to sit for the CISSP examination are completely separate from the eligibility requirements necessary to be certified as a CISSP.
- Submit the examination application with the required fee Click here to download the CISSP Exam application
- Assert that he or she possesses a minimum of five years of professional experience in the information security field or four years plus a college degree. Or, an Advanced Degree in Information Security from a National Center of Excellence or the regional equivalent can substitute for one year towards the five-year requirement.
- Complete the Candidate Agreement, attesting to the truth of his or her assertions regarding professional experience and legally commit to adhere to the CISSP Code of Ethics.
- Successfully answer four questions regarding criminal history and related background.
To become certified as a CISSP, a candidate must:
- Pass the CISSP exam with a scaled score of 700 points or greater.
- Meet the CISSP experience eligibility requirements.
- Submit a properly completed and executed Endorsement Form Click here to download the CISSP certification endorsement form
- If the candidate is selected for audit, they must successfully pass that audit of their assertions regarding professional experience.
The Endorsement Process:
A candidate applying for certification must be endorsed by another (ISC)² certified professional in good standing before the credential can be awarded.
A candidate receiving a pass letter informing the candidate that he or she has passed the certification examination will also receive a blank endorsement form. The form must be completed and signed by an (ISC)² certified professional. The (ISC)² certified professional is anyone who:
- Is able to attest to the candidate's professional experience
- Is an active (ISC)² credential holder in good standing
The endorser will attest that the candidate’s assertions regarding professional experience are true to the best of the endorser’s knowledge, and that the candidate is in good standing within the information security industry.
You can also download the endorsement form, Then, print it out, have it completed and signed by a proper endorsing party, and return it to:
(ISC)² Services
2494 Bayshore Blvd, #201
Dunedin, FL 34698
United States
(ISC)² Services staff will review the form upon receipt to ensure that it is properly completed and executed. If so, (ISC)² Services will mail you your certificate.
Please note: A percentage of the candidates who pass an (ISC)² examination and submit endorsements will be randomly subjected for audit and required to submit additional information, as required, for verification.
If you cannot find a certified individual to act as an endorser, (ISC)² will act as an endorser for you in consideration of which, (ISC)² will require the same documentation that is submitted by a candidate who is randomly selected to be audited.
What happen if you get audited?
A percentage of the candidates who pass the CISSP examination and submit endorsements will be randomly subjected to audit and required to submit a resume for formal review and investigation. If audited (subject to results), the credential will be awarded within seven business days and notification sent via e-mail. Naturally, there may be some delays due to mail service or the number of forms received. Also, audits may require additional time for verifying information and/or contacting references.
Post Certification - Now that you are a CISSP
Once an individual has successfully passed an (ISC)² credentialing examination, continuing education is required to maintain their certification in good standing.
Continuing Professional Education Credits:
In addition to paying an annual maintenance fee and subscribing to the Code of Ethics, a CISSP must earn continuing professional education credits every three years - or retake their certification examinations. CPE credits are earned by performing activities largely related to the information systems security profession including, but not limited to, the following:
- Educational courses or seminar attendance.
- Association chapter membership and meeting attendance - Like ISSA, ISACA, etc.
- Security conference attendance.
- Vendor presentations .
- University/college course completion.
- Providing security training.
- Publishing security articles or books.
- Self-study courses that are related to the industry.
- Volunteer work, including serving on (ISC)² volunteer committees.
Subscribe to this comment's feed
| < Prev | Next > |
|---|
