Steps to Become a CISSP (Certified Information Systems Security Professional)

There are countless IT certifications today. One of the best for IT Security professionals is the Certified Information Systems Security Professional (CISSP), sponsored by the International Information Systems Security Certification Consortium, or (ISC)2.

Exam pricing for U.S. candidates is either $549 or $599 depending upon whether you choose to do an early registration or a standard registration.

Candidates will need to do the following to successfully achieve the certification.

  • Meet or exceed Experience Requirements
  • Pass the Exam
  • Obtain an Endorsement
  • Be prepared for an Audit

To sit for the CISSP Exam candidates need to prove that they possess 5 years of experience in Information Security. Your experience must be within at least two of the 10 security domains of the (ISC)2 CISSP Common Body of Knowledge (CBK). You can obtain a one-year waiver in the professional experience requirement if you satisfy one of the following categories:

Note that you cannot combine two of these categories; so, if one holds a bachelor’s degree as well as an MCSE, that individual is allowed only one year off the five-year professional experience requirement.

Pass the Exam

To meet this requirement, you must pass the CISSP certification exam with a score of 700/1000 or greater. You register to take the CISSP directly with the (ISC)2; note that you may have to travel to reach your closest authorized testing location. The exam itself is a test of endurance: the pencil-and-paper exam consists of 250 multiple-choice questions, and you have 6 hours to answer as many of them as you can correctly.


Obtain an Endorsement

Once you pass the CISSP exam (or, even better, before you take your exam), you must ask an active (ISC)2 credential holder who can attest to your industry experience to complete an endorsement form for you. Once the (ISC)2 receives and approves the endorsement, you can finally heave a sigh of satisfaction: You are now a CISSP!

Be Prepared for an Audit

It is crucial that you do not fabricate or exaggerate in your CISSP application process, especially since the (ISC)2 randomly selects (ISC)2-certified individuals for auditing. If you are found to have falsified any of your application data, consider the revocation of your CISSP title a foregone conclusion. Honesty is a core principle of the (ISC)2 Code of Ethics, which you also must affirm during your application process.

Certification Expiry/Renewal Information

The CISSP certification has a three-year lifespan. Consequently, it is imperative that you make time for at least 120 continuing professional education (CPE) credits within each three-year interval. Of these 120 credits, at least 80 must be Type A, or directly relating to the information security profession. The remaining 40 credits can be either Type A or Type B; Type B credits constitute other forms of professional skills development. The (ISC)2 will provide you with full information on CPEs once you are certified.


Pursuing certification can broaden your horizons, prove that you possess a certain body of knowledge, and open doors for your career. It will be difficult, but rewarding. I have been a CISSP for about 15 years. I have always kept my certification status current. After the hard work you will put in to pass this exam, you will want to satisfy the continuing education requirement to stay in good standing and reap the benefits as a holder of the CISSP. (John Busso CISSP #47149)


John Busso

Author Bio: John Busso is a Senior Network Engineer/Mobility Specialist at CCSI. He has almost 20 years' experience providing secure voice and data solutions. John has been a Subject Matter Expert for Enterprise Mobile Solutions such as Guest WiFi and BYOD, providing vision for diverse clients.

John has been an Adjunct Professor and trainer. He holds numerous Industry certifications, including CISSP, CWNP, CCNP, ACMP and ITIL. His experience includes working with retail, TNL-Couriers, DC’s and Airports, Healthcare, Education, DOD, Local Government, Financial, Non-Profit-Public WiFi, Entertainment and Hospitality industries. His expertise is in mobility, security, WLAN, WAN, LAN, VoWiFi, RFID, RTLS, WIPS, WIDS, DAS, licensed/unlicensed PTP and PTMP networks. Connect with John on Twitter via @JohnBusso.

*** This is a Security Bloggers Network syndicated blog from CCSI authored by John Busso.