Top of Page
 

Domain Change FAQs for CISSP-ISSAP

Q:

Why are changes being made to the CISSP-ISSAP exam?

 
A:
(ISC)² has an obligation to its membership to maintain the relevancy of its credentials. These enhancements are the result of a rigorous, methodical process that (ISC)² follows to routinely update its credential exams. This process ensures that the examinations and subsequent continuing professional education requirements encompass the topic areas relevant to the roles and responsibilities of today's practicing cybersecurity architecture professional.
Q:

How is the CISSP-ISSAP exam changing?

 
A:

The content of the CISSP-ISSAP has been refreshed to reflect the most pertinent issues that cybersecurity architecture professionals currently face. The result is an exam that most accurately reflects best practices for developing, designing and analyzing security solutions.

As a result of the content refresh, we have updated some of the domain names to describe the topics accurately. For details on the exam domain and subdomain changes, review our CISSP-ISSAP Domain Refresh guide.

Previous CISSP-ISSAP Domain Names

New CISSP-ISSAP Domain Names

Domain 1: Identity and Access Management Architecture

Domain 1: Architect for Governance, Compliance and Risk Management

Domain 2: Security Operations Architecture

Domain 2: Security Architecture Modeling

Domain 3: Infrastructure Security

Domain 3: Infrastructure Security Architecture

Domain 4: Architect for Governance, Compliance, and Risk Management

Domain 4: Identity and Access Management (IAM) Architecture

Domain 5: Security Architecture Modeling

Domain 5: Architect for Application Security

Domain 6: Architect for Application Security

Domain 6: Security Operations Architecture

 

The domain weights are as follows:

Domains

Weight

Domain 1: Architect for Governance, Compliance and Risk Management

17%

Domain 2: Security Architecture Modeling

15%

Domain 3: Infrastructure Security Architecture

21%

Domain 4: Identity and Access Management (IAM) Architecture

16%

Domain 5: Architect for Application Security

13%

Domain 6: Security Operations Architecture

18%

Total

100%

 

Q:

Why do domains for (ISC)² credential exams change?

 
A:
Domains change because it is a reflection of a change in the knowledge, skills and abilities, as indicated by experts through the Job Task Analysis process.
Q:

When will these changes go into effect?

 
A:
The exam changes will go into effect on October 14, 2020.
Q:

In what language will the refreshed CISSP-ISSAP exam be available?

 
A:
The refreshed CISSP-ISSAP exam will be available in English only.
Q:

Will this change the number of questions or the time required to take the CISSP-ISSAP exam?

 
A:
No. The CISSP-ISSAP exam will have the same number of items (125), and the time required to take the exam (3 hours) will be the same.
Q:

If I have been studying for the CISSP-ISSAP exam with material that focuses on the current domains, will I be sufficiently prepared to take the new exam without additional study?

 
A:
(ISC)² exams are experience-based that include experience-based questions that cannot be learned by studying alone. If you already have the experience in the domains covered in CISSP-ISSAP and believe that you have sufficiently studied those domains, you should feel confident that you are qualified to take the new exam and pass it. (ISC)² cannot guarantee you will pass the exam.
Q:

Do these updates affect the experience requirement for the CISSP-ISSAP?

 
A:
No. For the CISSP-ISSAP, a candidate is required to have a minimum of two years of cumulative work experience in one or more of the six domains of the CISSP-ISSAP CBK.
Ok