 CISSP stands for Certified Information System Security Professional. It’s considered the Gold Standard of Information security Professionalism. The CISSP 6 hour examination consists of 250 multiple choice questions, covering 10 areas from the CBK (Common Body of Knowledge): - Access Control Systems & Methodology
- Applications & Systems Development
- Business Continuity Planning
- Cryptography
- Law, Investigation & Ethics
- Operations Security
- Physical Security
- Security Architecture & Models
- Security Management Practices
- Telecommunications, Network & Internet Security
The CISSP certification is administered by the International Information Systems Security Certification Consortium which is better known as (ISC)2. (ISC)2 are a not for profit organisation set up to develop and manage certification programmes for information security practitioners.
CISSP Certification Requirements:
There are two steps to becoming certified. First a CISSP candidate must pass the examination then they must have their application endorsed by a suitable person such as a CISSP or their employer within 90days of passing the examination.
To sit the CISSP examination, a candidate must:
- Subscribe to the (ISC)² Code of Ethics.
- Have a minimum of four years of direct full-time security professional work experience in one or more of the ten domains of the CISSP CBK or three years of direct full-time security professional work experience in one or more of the ten domains of the CISSP CBK and a degree.
To become certified a candidate must: - Pass the CISSP exam with a scaled score of 700 points or greater
- Submit a properly completed and executed Endorsement Form.
It is possible for the candidate is selected for a random audit of their professional experience.
Post Certification
Once an individual has been certified (ISC)2 require CISSPs to pay an annual maintenance fee, keep their knowledge up to date and abide by the Code of Ethics to remain in good standing.
To show that their knowledge is current CISSPs must earn Continuing Professional Education (CPE) credits. CPE credits can be earned by being involved with activities relevant to information Security. Examples include:
- Attendance at information security seminars.
- Taking information security courses
- Attending information security conferences
- Vendor presentations
- Providing security training
- Publishing security articles or books
- Serving on industry boards
- Self-study
- Volunteer work, including serving on (ISC)2 volunteer committees
|
2_logo_pms5477.jpg "Image"){kind=logo}