Steps for Certification
If you’re pursuing your (ISC)² credential, note that there are several steps necessary to obtain certification:
- Required Experience – possessing the required number of years for the appropriate credential
- Study – taking advantage of the educational materials (ISC)² makes available for you to review and refresh your knowledge before taking the credential examination
- Application – validating your education and/or experience
- Examination – sitting and passing the appropriate exam
- (ISC)² Code of Ethics – committing to and abiding by principles and guidelines set forth by (ISC)²
- Endorsement Process – attesting to your eligibility requirements
1) Required Experience
The number of years of experience required for certification depends on the particular credential that you are pursuing. Valid experience includes information systems security-related work performed, or work that requires information security knowledge and involves direct application of that knowledge. The experience required for each (ISC)² credential is as follows:
- SSCP - One year of cumulative work experience in one or more of the seven domains of the SSCP® CBK®
- CAP - Two years of direct, full-time, information systems security certification and accreditation professional work experience in one or more of the five domains of the CAP® CBK
- CSSLP - A minimum of four years of professional experience in the software lifecycle (SDLC) field in one or more of the seven domains of the CSSLP CBK
- CISSP – A minimum of five years of direct, full-time security professional work experience in two or more of the ten domains of the CISSP® CBK
- CISSP Concentrations – Two years of professional work experience in the area of architecture and management for the CISSP-ISSAP® and CISSP-ISSMP® respectively. For a concentration in engineering, no additional years of experience are necessary for the CISSP-ISSEP®
- Associate of (ISC)² – If you do not meet the CISSP® or SSCP® professional experience requirements, you may still become an Associate of (ISC)². To do so, you will need to complete and submit the examination form and successfully pass either exam. Visit our Associate of (ISC)² page for further information.
2) Study
(ISC)² has developed several creative methods to help you achieve the knowledge necessary to obtain an (ISC)² certification:
- (ISC)² Official Self Assessment - (ISC)² has introduced studISCope, an actual simulation of the exam situation you will face for certification. studISCope serves as an indispensable analytical study tool and personalized study planner.
- CBK Review Seminars - (ISC)² annually offers over 600 in-classroom seminars worldwide to help you review and refresh your knowledge of information security. Official (ISC)² CBK Review Seminars are only conducted by (ISC)² Authorized Instructors, each of whom is up-to-date on the latest information security-related developments and is an expert in credential-specific domains. Or, you can sign up for (ISC)²’s Live-On-Line courses, available over the Internet in real-time – a convenient way to take advantage of our proven review seminars from your laptop or desktop anywhere in the world.
- (ISC)² Official Textbooks - Written by a team of subject matter experts, (ISC)² official textbooks are the most updated publications reflecting the latest in information security knowledge.
- Candidate Information Bulletins – Bulletins have been developed by (ISC)² to provide candidates with basic information about the domains covered in each specific examination.
3) Application
To apply for certification and to sit for an examination, a candidate must:
- Sign up for the examination date and location
- Submit the examination fee
- Assert that he or she possesses the minimum years of professional experience in the information security field (as mentioned above)
- Complete the Examination Agreement, attesting to the truth of his or her assertions regarding professional experience, and legally committing to adhere to the (ISC)² Code of Ethics
- Successfully answer four questions regarding criminal history and related background
4) Examination
To sit for the examination, you can register either by mail/fax or online. You’ll determine what examination location and date you can attend, agree to the terms and conditions, and pay the proper examination fee. Once your completed registration is received and your application is approved, admission documents for the examination will be emailed to you.
5) Code of Ethics
All information systems security professionals who are certified by (ISC)² recognize that such certification is a privilege that must be both earned and maintained. In support of this principle, all (ISC)² members are required to commit to fully support the (ISC)² Code of Ethics before being officially certified.
6) Endorsement Process
Once you are notified that you have successfully passed the examination, you will be required to have your application endorsed before the credential can be awarded. An endorsement form for this purpose must be completed and signed by an (ISC)² certified professional who is an active member, and who is able to attest to your professional experience. [(ISC)² can act as an endorser for you if you cannot find a certified individual to act as one.]