Top of Page
 

CISSP Concentrations logo CISSP
Concentrations

 

Explore This Page Request Help

Achieve Excellence in Information Security

You’re a leader in information security. And in this ever-changing industry in which the opposition grows ever smarter, you’re always looking for ways to stay ahead and master your craft.

Challenge yourself with a CISSP Concentration! These specialized credentials build upon the CISSP. Whether you’re interested in career growth, deeper knowledge or achieving elite status, CISSP Concentrations are optional pursuits that prove your subject matter mastery. They highlight your evolving expertise in information security:

  • Architecture
  • Engineering
  • Management

Are you ready to prove yourself? Get started today.

Please Note: Effective November 15, 2022, the CISSP-ISSMP exam will be based on a new exam outline. Please refer to the CISSP-ISSMP Exam Outline and FAQs for details.

Did you know? Our certifications are accredited, recognized and endorsed by leading organizations around the world.

Steps to Certification

  1. Step 1
  2. Step 2
  3. Step 3
  4. Step 4

Get the Needed Experience

To qualify for the CISSP-ISSAP, you must be a CISSP in good standing and have two years cumulative, paid work experience in one or more of the six domains of the CISSP-ISSAP Common Body of Knowledge (CBK).

To qualify for the CISSP-ISSEP, you must be a CISSP in good standing and have two years cumulative, paid work experience in one or more of the five domains of the CISSP-ISSEP CBK.

To qualify for the CISSP-ISSMP, you must be a CISSP in good standing and have two years cumulative, paid work experience in one or more of the six domains of the CISSP-ISSMP CBK

Create an Account at Pearson VUE and Schedule Your Exam

To schedule an exam, you must create an account at Pearson VUE.

Pearson VUE is the leading provider of global, computer-based testing for certification and licensure exams. You can find details on testing locations, policies, accommodations and more on their website.

Once you’ve set up your account and are ready to register, you’ll need to:

Pass the Exam

This is the day to show your greatness!

Depending on the exam you take, you’ll have:

  • Three hours to complete the 125 ISSAP exam questions.
  • Three hours to complete the 125 ISSEP exam questions.
  • Three hours to complete the 125 ISSMP exam questions.

You must pass the exam with a scaled score of 700 points or greater.

Want more details? Read our exam scoring FAQs.

Get Endorsed

Once you successfully pass the exam, you’ll have nine months from the date of the exam to have your application endorsed.

Your endorsement form must be completed and signed by an (ISC)² certified professional. He or she needs to be an active member who can confirm your professional experience.

(ISC)² can endorse you if you can’t find a certified individual.

Want to learn more? Read our endorsement assistance guidelines. >

CISSP Concentrations

Please Select One of the Following:

Information Systems Security Architecture Professional

The CISSP-ISSAP is an appropriate credential if you’re a chief security architect or analyst. Typically, you work as an independent consultant or in a similar capacity.

Work in government? See how the CISSP-ISSAP meets the U.S. Department of Defense (DoD) Directive 8570.1.

As the architect, you play a key role in the information security department. Your responsibilities fall between the C-suite and upper managerial level and the implementation of the security program.

Although your role is tied closely to technology, it may be closer to the consultative and analytical process of information security. 

This security architect certification proves your expertise developing, designing and analyzing security solutions. It also shows you excel at giving risk-based guidance to senior management in order to meet organizational goals.

CISSP-ISSAP Domains:

  • Domain 1. Architect for Governance, Compliance and Risk Management
  • Domain 2. Security Architecture Modeling
  • Domain 3. Infrastructure Security Architecture
  • Domain 4. Identity and Access Management (IAM) Architecture
  • Domain 5. Architect for Application Security
  • Domain 6. Security Operations Architecture
Download Your Free CISSP-ISSAP Ultimate Guide

Get to Know the CISSP-ISSAP

  • Why Earn the CISSP-ISSAP Why Earn the CISSP-ISSAP

    You’re on the leading edge of your craft. Here are just a few reasons to challenge yourself with this security architect certification:

    • A demonstration of excellence. You want to stand out from your fellow CISSPs. This concentration proves you have an elite level of knowledge and expertise.
    • New opportunities. The CISSP-ISSAP opens doors: from new career paths and jobs, to more exciting work.
    • Growth and learning. This is an opportunity to dive deep and hone your craft. You’ll find new ways to grow and stay on the forefront of information security. And earning your concentration is a big challenge.
    • Ease of continuing education and dues. As a CISSP, you already have a relationship with (ISC)². If you earn the CISSP-ISSAP, you only have to share your Continuing Professional Education (CPE) credits with one organization. You may apply your CISSP-ISSAP CPE credits toward your CISSP requirement (as long as these credits are specific to security architecture). And your dues are a lot less than if you pursue an advanced certification with a separate organization. You’ll make great use of your time, energy and money.

    What the Industry Is Saying About the CISSP-ISSAP

  • Should You Pursue the CISSP-ISSAP? Should You Pursue the CISSP-ISSAP?

    This security architect certification is an excellent way to hone your craft. But is it right for you?

    You’re a great fit for the CISSP-ISSAP if you:

    • Are a life-long learner who craves a new challenge.
    • Want to go beyond the CISSP. You have a competitive spirit and want to stand out from your peers.
    • Want to be seen as a subject matter expert and prove your knowledge in a more focused area.
    • Are looking ahead in your career. The CISSP-ISSAP will help you achieve an even higher level of success.
    • Need this concentration to move into a specific job.

    The CISSP-ISSAP is ideal for those working in roles such as:

    • System architect
    • Chief technology officer
    • System and network designer
    • Business analyst
    • Chief security officer
  • Get the ISSAP Exam Outline Get the ISSAP Exam Outline

    The exam outline is a free resource that details the major topics and subtopics within the domains that are covered on the CISSP-ISSAP exam. Reviewing this outline will help you determine which topics you may feel less confident about and develop a study plan around those topics.

    CISSP-ISSAP Exam Outline

    For a complete list of acronyms you may encounter during your (ISC)² exam, reference the translated (ISC)² Certification Terms glossary.

  • Self-Paced Training and Study Resources Self-Paced Training and Study Resources

    Self-Paced Training

    • A powerful alternative to traditional classroom training. You'll use modular training and interactive study materials.
    • Rich content equal to classroom training. It meets certification course requirements.
    • 180 days to access the content from any web-enabled device. Available any time and as often as you want.
    Get details on Self-Paced Training

    Self-Study Resources

    In addition to training, we offer resources to help you with self-study. Our resources include the:

  • Taking Your CISSP-ISSAP Exam Taking Your CISSP-ISSAP Exam
    Length of exam Up to 3 hours
    Number of questions 125 questions
    Question format Multiple choice
    Passing grade A passing score is 700 out of 1000 points
    Exam language English
    Testing center Pearson VUE Testing Center

    Ready to sign up for the exam? Visit the Pearson VUE website to create an account and book your exam.

  • Maintaining Your Concentration Maintaining Your Concentration

    Once you have passed your CISSP-ISSAP exam and are certified, you need to recertify every three years. To do so, you simply need to:

    • Earn 20 Continuing Professional Education (CPE) credits each year. You may apply these 20 credits toward your CISSP CPE requirement as long as these credits are specific to security architecture.
    • There is no additional AMF for earning and maintaining CISSP concentrations.

Information Systems Security Engineering Professional

The CISSP-ISSEP is an ideal credential for proving you know how to incorporate security into all facets of business operations.

Work in government? See how the CISSP-ISSEP meets the U.S. Department of Defense (DoD) Directive 8570.1.

This security engineering certification recognizes your keen ability to practically apply systems engineering principles and processes to develop secure systems. You have the knowledge and skills to incorporate security into projects, applications, business processes and all information systems.

The CISSP-ISSEP was developed in conjunction with the U.S. National Security Agency (NSA). It offers an invaluable tool for any systems security engineering professional.

CISSP-ISSEP Domains:

  • Domain 1. Systems Security Engineering Foundations
  • Domain 2. Risk Management
  • Domain 3. Security Planning and Design
  • Domain 4. Systems Implementation, Verification and Validation
  • Domain 5. Secure Operations, Change Management and Disposal
Download Your Free CISSP-ISSEP Ultimate Guide

Get to Know the CISSP-ISSEP

  • Why Earn the CISSP-ISSEP Why Earn the CISSP-ISSEP

    You’re on the leading edge of your craft. Here are just a few reasons to challenge yourself with this security certification:

    • A demonstration of excellence. You want to stand out from your fellow CISSPs. This concentration proves you have an elite level of knowledge and expertise.
    • New opportunities. The CISSP-ISSEP opens doors: from new career paths and jobs, to more exciting work.
    • Growth and learning. This is an opportunity to dive deep and hone your craft. You’ll find new ways to grow and stay on the forefront of information security. And earning your concentration is a big challenge.
    • Ease of continuing education and dues. As a CISSP, you already have a relationship with (ISC)². If you earn the CISSP-ISSEP, you only have to share your Continuing Professional Education (CPE) credits with one organization. You may apply your CISSP-ISSEP CPE credits toward your CISSP requirement (as long as these credits are specific to security engineering). And your dues are a lot less than if you pursue an advanced certification with a separate organization. You’ll make great use of your time, energy and money.

    What the Industry Is Saying About the CISSP-ISSEP

  • Should You Pursue the CISSP-ISSEP? Should You Pursue the CISSP-ISSEP?

    This security engineering certification is an excellent way to hone your craft. But is it right for you?

    You’re a great fit for the CISSP-ISSEP if you:

    • Are a life-long learner who craves a new challenge.
    • Want to go beyond the CISSP. You have a competitive spirit and want to stand out from your peers.
    • Want to be seen as a subject matter expert and prove your knowledge in a more focused area.
    • Are looking ahead in your career. The CISSP-ISSEP will help you achieve an even higher level of success.
    • Need this concentration to move into a specific job.

    The CISSP-ISSEP is ideal for those working in roles such as:

    • Senior systems engineer
    • Information assurance systems engineer
    • Information assurance officer
    • Information assurance analyst
    • Senior security analyst
  • Get the CISSP-ISSEP Exam Outline Get the CISSP-ISSEP Exam Outline

    The exam outline is a free resource that details the major topics and subtopics within the domains that are covered on the CISSP-ISSEP exam. Reviewing this outline will help you determine which topics you may feel less confident about and develop a study plan around those topics.

    For a complete list of acronyms and terms you may encounter during your (ISC)² exam, reference the translated (ISC)² Certification Acronym and (ISC)² Certification Terms glossaries.

    CISSP-ISSEP Exam Outline

  • Self-Paced Training and Study Resources Self-Paced Training and Study Resources

    Self-Paced Training

    Self-Paced Training
    • A powerful alternative to traditional classroom training. You’ll use modular training and interactive study materials.
    • Virtual lessons taught by authorized instructors through HD video.
    • Rich content equal to classroom training. It meets certification course requirements.
    • 180 days to access the content from any web-enabled device. Available any time and as often as you want.

    Get details on Self-Paced Training

    Self-Study Resources

    In addition to training, we offer resources to help you with self-study. Our resources include the:

  • Taking Your CISSP-ISSEP Exam Taking Your CISSP-ISSEP Exam
    Length of exam Up to 3 hours
    Number of questions 125 questions
    Question format Multiple choice
    Passing grade A passing score is 700 out of 1000 points
    Exam language English
    Testing center Pearson VUE Testing Center

    Ready to sign up for the exam? Visit the Pearson VUE website to create an account and book your exam.

  • Maintaining Your Concentration Maintaining Your Concentration

    Once you have passed your CISSP-ISSEP exam and are certified, you need to recertify every three years. To do so, you simply need to:

    • Earn 20 Continuing Professional Education (CPE) credits each year. You may apply these 20 credits toward your CISSP CPE requirement as long as these credits are specific to security engineering.
    • There is no additional AMF for earning and maintaining CISSP concentrations.

Information Systems Security Management Professional

You are vital to your organization’s success. Prove your knowledge and leadership skills with the CISSP-ISSMP.

Work in government? See how the CISSP-ISSMP meets the U.S. Department of Defense (DoD) Directive 8570.1.

This cybersecurity management certification shows you excel at establishing, presenting and governing information security programs. You also demonstrate deep management and leadership skills whether you’re leading incident handling and/or a breach mitigation team.

CISSP-ISSMP Domains:

  • Domain 1. Leadership and Business Management
  • Domain 2. Systems Lifecycle Management
  • Domain 3. Risk Management
  • Domain 4. Threat Intelligence and Incident Management
  • Domain 5. Contingency Management
  • Domain 6. Law, Ethics, and Security Compliance Management
Download Your Free CISSP-ISSMP Ultimate Guide

Get to Know the CISSP-ISSMP

  • Why Earn the CISSP-ISSMP Why Earn the CISSP-ISSMP

    You’re on the leading edge of your craft. Here are just a few reasons to challenge yourself with this cybersecurity management certification:

    • A demonstration of excellence. You want to stand out from your fellow CISSPs. This concentration proves you have an elite level of knowledge and expertise.
    • New opportunities. The CISSP-ISSMP opens doors: from new career paths and jobs, to more exciting work.
    • Growth and learning. This is an opportunity to dive deep and hone your craft. You’ll find new ways to grow and stay on the forefront of information security. And earning your concentration is a big challenge.
    • Ease of continuing education and dues. As a CISSP, you already have a relationship with (ISC)². If you earn the CISSP-ISSMP, you only have to share your Continuing Professional Education (CPE) credits with one organization. You may apply your CISSP-ISSMP CPE credits toward your CISSP requirement (as long as these credits are specific to security management). And your dues are a lot less than if you pursue an advanced certification with a separate organization. You’ll make great use of your time, energy and money.

    What the Industry Is Saying About the CISSP-ISSMP

  • Should You Pursue the CISSP-ISSMP? Should You Pursue the CISSP-ISSMP?

    The CISSP-ISSMP is an excellent way to hone your craft. But is it right for you?

    You’re a great fit for this cybersecurity management certification if you:

    • Are a life-long learner who craves a new challenge.
    • Want to go beyond the CISSP. You have a competitive spirit and want to stand out from your peers.
    • Want to be seen as a subject matter expert and prove your knowledge in a more focused area.
    • Are looking ahead in your career. A CISSP concentration will help you achieve an even higher level of success.
    • Need a CISSP Concentration to move into a specific job.

    The CISSP-ISSMP is ideal for those working in roles such as:

    • Chief information officer
    • Chief information security officer
    • Chief technology officer
    • Senior security executive
  • Get the CISSP-ISSMP Exam Outline Get the CISSP-ISSMP Exam Outline

    The exam outline is a free resource that details the major topics and subtopics within the domains that are covered on the CISSP-ISSMP exam. Reviewing this outline will help you determine which topics you may feel less confident about and develop a study plan around those topics.

    CISSP-ISSMP Exam Outline

    For a complete list of acronyms and terms you may encounter during your (ISC)² exam, reference the translated (ISC)² Certification Acronym and (ISC)² Certification Terms glossaries.

  • Self-Paced Training and Study Resources Self-Paced Training and Study Resources

    Self-Paced Training

    • A powerful alternative to traditional classroom training. You'll use modular training and interactive study materials.
    • Rich content equal to classroom training. It meets certification course requirements.
    • 180 days to access the content from any web-enabled device. Available any time and as often as you want.
    Get details on Self-Paced Training

    Self-Study Resources

    In addition to training, we offer resources to help you with self-study. Our resources include the:

  • Taking Your CISSP-ISSMP Exam Taking Your CISSP-ISSMP Exam
    Length of exam Up to 3 hours
    Number of questions 125 questions
    Question format Multiple choice
    Passing grade A passing score is 700 out of 1000 points
    Exam language English
    Testing center Pearson VUE Testing Center

    Ready to sign up for the exam? Visit the Pearson VUE website to create an account and book your exam.

  • Maintaining Your Concentration Maintaining Your Concentration

    Once you have passed your CISSP-ISSMP exam and are certified, you need to recertify every three years. To do so, you simply need to:

    • Earn 20 continuing professional education (CPE) credits each year. You may apply these 20 credits toward your CISSP CPE requirement as long as these credits are specific to security management.
    • There is no additional AMF for earning and maintaining CISSP concentrations.
Ok