CISSP®

CISSP® – Certified Information Systems Security Professional. CISSP® is a globally recognized certification scheme for IT Security professionals.

Type

Certification scheme

Owner

The CISSP®  certification scheme is owned by (ISC)²®. The International Information Systems Security Certification Consortium, Inc. (ISC)²® is a not-for-profit provider in educating and certifying information security professionals throughout their careers. (ISC)²®

Brief history and description

The CISSP was the first credential in the field of information security to meet the stringent requirements of ISO/IEC Standard 17024.

“A CISSP is an information assurance professional who defines the architecture, design, management and/or controls that assure the security of business environments. The vast breadth of knowledge and the experience it takes to pass the exam is what sets the CISSP apart. The credential demonstrates a globally recognized standard of competence provided by the International Information Systems Security Certification Consortium (ISC)² CBK® which covers critical topics in security today, including cloud computing, mobile security, application development security, risk management and more. The (ISC)² CBK is a taxonomy – a collection of topics relevant to information security professionals around the world. The (ISC)² CBK establishes a common framework of information security terms and principles which allows information security professionals worldwide to discuss, debate, and resolve matters pertaining to the profession with a common understanding. ” (source: ISC2.org).

To attain the CISSP credential the candidate has to demonstrate professional experience in two or more of the following pre-defined (ISC)² CISSP domains:

  • Access Control
  • Telecommunications and Network Security
  • Information Security Governance and Risk Management
  • Software Development Security
  • Cryptography
  • Security Architecture and Design
  • Operations Security
  • Business Continuity and Disaster Recovery Planning
  • Legal, Regulations, Investigations and Compliance
  • Physical (Environmental) Security

The following benefits are cited for certified professionals and their employers: (source: ISC2.org)

Benefits of the CISSP for Professionals

  • Demonstrates a working knowledge of information security
  • Confirms commitment to profession
  • Offers a career differentiator, with enhanced credibility and marketability
  • Affords you exclusive benefits as an (ISC)² member, including valuable resources such as peer networking and idea exchange
  • Indicates that certified information security professionals earn a worldwide average of 25% more than their non-certified counterparts, according to the Global Information Security Workforce Study
  • Fulfills government and organization requirements for information security certification mandates

Benefits of the CISSP for Employers

  • Positions candidates on a level playing field as (ISC)² certifications are recognized internationally
  • Provides increased credibility for your organization when working with vendors and contractors
  • Empowers employees with a universal language, circumventing ambiguity with industry-accepted terms and practices
  • Validates commitment and years of experience gained in the industry
  • Requires Continuing Professional Education (CPE) credits to ensure that personnel keep their skills current
  • Satisfies certification mandate requirements for service providers or subcontractors

CISSP concentrations

The following so-called CISSP concentrations were developed to cater for specific needs of (ISC)² members.

  • Architecture (CISSP-ISSAP®)
  • Engineering (CISSP-ISSEP®)
  • Management (CISSP-ISSMP®)

Target Audience

IT Security professionals.

User communities and groups

(ISC)²  runs the so-called (ISC)² Chapter Program. (ISC)² states the benefits of this program as follows: “Being a member of an (ISC)² Chapter has its benefits. Not only will you gain a sense of fellowship with colleagues in your profession, you will also be able to network and exchange ideas with fellow (ISC)² credential holders and other information security professionals in your local area.” CISSP certified professionals can both join or start a chapter.

Official publisher

The International Information Systems Security Certification Consortium, Inc.(ISC)²®

Accreditations and qualifications

(ISC)²® runs several certification programs, of which CISSP® – Certified Information Systems Security Professional –  is featured in this document.

Tooling

n/a

Links

Official Sites (ISC)² CISSP home page
User groups and communities (ISC)² Chapter Program
Publications (ISC)² Download Zone (registration required)
Accreditations and Qualifications CISSP certification program
Tooling n/a
Other useful links n/a