Understanding CISSP Training and Certification

The shortage of information security skills is already impacting Australia’s private and public sectors. In this environment, demand often outweighs the supply of experienced candidates with well-regarded IT security qualifications. The CISSP (Certified Information Systems Security Professional) is a highly regarded qualification, and could take you to the next level in your IT security career.

What type of certification is CISSP?

The CISSP is a vendor-neutral certification granted by the non-profit International Information System Security Certification Consortium, or (ISC)2. It’s a globally recognised qualification with over 115,000 members in over 164 countries. Over 2,000 members hold an (ISC)2 qualification in Australia compared to over 75,000 in the US.

CISSP is the first information security credential to meet the high requirements of ISO/IEC Standard 17024. It’s designed to demonstrate deep technical knowledge and managerial skill in designing, engineering, implementing, and managing information security programs.

Who should obtain CISSP?

CISSP is designed for those with professional experience in information security, usually with five years or more of experience on the job. Security consultants, security managers, and IT directors or chief information officers are ideal candidates for the CISSP. CISSP can also be advantageous for security auditors, security architects, and security analysts. Security system engineers, directors and security, and network architects are some other roles suitable for the CISSP certification.

Benefits of CISSP

The CISSP is the gold standard in security certification. It has a strong global membership and is a highly valued credential. Holding a CISSP demonstrates to employers you’re an experienced, qualified security professional. Given the strong demand for information security professionals, a CISSP can be highly attractive to prospective employers.

Subject areas

The CISSP covers the eight Common Body of Knowledge (CBK) domains.

Requirements for certification

The requirements for CISSP certification include work experience, a six-hour exam, and endorsement from a current (ISC)2 certified professional.

1. Work experience

You need to have at least five years of accumulated full-time work experience in at least two of the CBK domains. The work experience must be paid work, and a four-year university degree (or equivalent) can substitute for one year of the five required years.

If you don’t have the requisite work experience, you can still sit the exam. If you pass, you’ll become an Associate of (ISC)2 until you have sufficient work experience for the CISSP certification.

2. Exam

The CISSP exam runs for six hours and features 250 multiple choice and Drag & Drop and Hotspot questions. You’ll need to obtain 700 out of 1,000 points to pass the exam. You’ll need to complete the exam agreement and commit to the (ISC)2 Code of Ethics before you take the exam. You can find out more about the exam by reviewing the exam outline.

3. Endorsement

When you pass the exam, you can obtain endorsement for your application. You’ll need to complete the endorsement form and have it signed by an (ISC)2 certified professional who’s currently a member, within nine months of your exam date. The (ISC)2 can act as your endorser if you can’t find someone to endorse your application.

Validity and renewal

Certification is effective for three years, so you’ll need to recertify every three years. Recertification requirements include 40 continuing professional education credits per year (or 120 credits for the three years). You’ll also need to pay the annual fee and continue to abide by the (ISC)2 Code of Ethics.

Obtaining qualifications for a successful IT security career

The CISSP is one of the most highly regarded credentials for experienced IT security professionals. By holding a CISSP, you demonstrate you have current, deep knowledge necessary for design through implementation of security IT systems.

Given the rigorous exam, taking a comprehensive training course can help you succeed in obtaining your CISSP certification. ALC Training is a world-class training provider specialising in information security. To find out more about our intensive CISSP training course, contact us today for more information.