A CBK – sometimes simply called a Body of Knowledge – refers to a peer-developed compendium of what a competent professional in their respective field must know, including the skills, techniques and practices that are routinely employed.1

The ISC2 CBK is a collection of topics relevant to cybersecurity professionals around the world. It establishes a common framework of information security terms and principles which enables cybersecurity and IT/ICT professionals worldwide to discuss, debate and resolve matters pertaining to the profession with a common understanding, taxonomy and lexicon.

ISC2 was established, in part, to aggregate, standardize and maintain the ISC2 CBK for security professionals worldwide. Domains from the ISC2 credentials are drawn from various topics within the ISC2 CBK, which are used to assess a candidate's level of mastery of the most critical aspects of information security.

The ISC2 CBK is updated by the ISC2 CBK Committee to reflect the most current and relevant topics required to practice the profession.

1Becker, R.E., Montgomery, L.E.: A profession defined: Association management’s body of knowledge. Association Management 47, 221 (1995).