Top of Page
 

Domain Change FAQs for CISSP-ISSMP

Q:

Why are changes being made to the CISSP-ISSMP exam?

 
A:
(ISC)² has an obligation to its membership to maintain the relevancy of its credentials. These enhancements are the result of a rigorous, methodical process that (ISC)² follows to routinely update its credential exams. This process ensures that the examinations and subsequent continuing professional education requirements encompass the topic areas relevant to the roles and responsibilities of today's practicing cybersecurity management professional.
Q:

How is the CISSP-ISSMP exam changing?

 
A:

The content of the CISSP-ISSMP has been refreshed to reflect the most pertinent issues that cybersecurity management professionals currently face, along with the best practices for mitigating those issues. Some topics have been updated while others have been realigned. The result is an exam that most accurately reflects establishing, presenting and governing information security programs, and demonstrates management and leadership skills.

As a result of the content refresh, we have updated the domain names to describe the topics accurately.

Previous CISSP-ISSMP Domain Names

New CISSP-ISSMP Domain Names

Domain 1: Security Leadership and Management

Domain 1: Leadership and Business Management

Domain 2: Security Lifecycle Management

Domain 2: Systems Lifecycle Management

Domain 3: Security Compliance Management

Domain 3: Risk Management

Domain 4: Contingency Management

Domain 4: Threat Intelligence and Incident Management

Domain 5: Law, Ethics and Incident Management

Domain 5: Contingency Management

 

Domain 6: Law, Ethics and Security Compliance Management

The domain weights are as follows:

Domains

Weight

Domain 1: Leadership and Business Management

22%

Domain 2: Systems Lifecycle Management

19%

Domain 3: Risk Management

18%

Domain 4: Threat Intelligence and Incident Management

17%

Domain 5: Contingency Management

10%

Domain 6: Law, Ethics and Security Compliance Management

14%

Total

100%

Q:

Why do domains for (ISC)² credential exams change?

 
A:
Domains change because it is a reflection of a change in the knowledge, skills and abilities, as indicated by experts through the Job Task Analysis process.
Q:

When will these changes go into effect?

 
A:
New training courses will be made available Fall 2018. The Second Edition ISSMP CBK Textbook will not be updated at this time but is still a comprehensive resource that is relevant in preparing for the ISSMP.
Q:

In what language will the refreshed CISSP-ISSMP exam be available?

 
A:
The refreshed CISSP-ISSMP exam will be available in English only.
Q:

Will this change the number of questions or the time required to take the CISSP-ISSMP exam?

 
A:
No. The CISSP-ISSMP exam will have the same number of items, and the time required to take the exam will be the same.
Q:

If I have been studying for the CISSP-ISSMP exam with material that focuses on the current domains, will I be sufficiently prepared to take the new exam without additional study?

 
A:
(ISC)² exams are experience-based that include experience-based questions that cannot be learned by studying alone. If you already have the experience in the domains covered in CISSP-ISSMP and believe that you have sufficiently studied those domains, you should feel confident that you are qualified to take the new exam and pass it. (ISC)² cannot guarantee you will pass the exam.
Q:

Do these updates affect the experience requirement for the CISSP-ISSMP?

 
A:
No. For the CISSP-ISSMP, a candidate is required to have a minimum of two years of cumulative work experience in one or more of the six domains of the CISSP-ISSMP CBK.
Q:

What impact do these changes have on (ISC)² training materials?

 
A:
The Official (ISC)² CISSP-ISSMP Training Course (online self-paced) will be available May 15, 2018.
OK