Top of Page
 

CISSP Domain Refresh FAQ

Q:

Why are changes being made to the CISSP exam?

 
A:

(ISC)² has an obligation to its membership to maintain the relevancy of its credentials. These enhancements are the result of a rigorous, methodical process called the Job Task Analysis (JTA) that (ISC)² conducts to routinely update its credential exams. This process ensures that the examinations and subsequent continuing professional education requirements encompass the topic areas relevant to the roles and responsibilities of today's practicing information security professionals.

Q:

How is the CISSP exam changing?

 
A:

The content of the CISSP has been refreshed to reflect the most pertinent issues that cybersecurity professionals currently face, along with the best practices for mitigating those issues. The result is an exam that most accurately reflects the technical and managerial competence required from an experienced information security professional to effectively design, engineer, implement and manage an organization's cybersecurity program within an ever-changing security landscape.


On May 1, 2021 the domain weights will update as follows:

Current Domains Weight Domains as of May 1, 2021 Weight

DOMAIN 1

Security and Risk Management

15%

Security and Risk Management

15%

DOMAIN 2

Asset Security

10%

Asset Security

10%

DOMAIN 3

Security Architecture and Engineering

13%

Security Architecture and Engineering

13%

DOMAIN 4

Communication and Network Security

14%

Communication and Network Security

13%

DOMAIN 5

Identity and Access Management (IAM)

13%

Identity and Access Management (IAM)

13%

DOMAIN 6

Security Assessment and Testing

12%

Security Assessment and Testing

12%

DOMAIN 7

Security Operations

13%

Security Operations

13%

DOMAIN 8

Software Development Security

10%

Software Development Security

11%

 

Please refer to the CISSP Exam Outline for details.

Q:

Why do domains for (ISC)² credential exams change?

 
A:

Domains change because it is a reflection of a change in the knowledge, skills and abilities, as indicated by experts through the Job Task Analysis process.

Q:

When will these changes go into effect?

A:

The changes will begin on May 1, 2021.

Q:

In what language will the refreshed CISSP exam be available?

 
A:

The refreshed CISSP exam will be available in English in the Computer Adaptive Test (CAT) format, and in French, German, Brazilian Portuguese, Spanish, Japanese, Simplified Chinese and Korean in the linear fixed form format.

Q:

Will this change the number of items or the time required to take the CISSP exam?

 
A:

No. The updates will not impact the number of items on the CISSP exam, regardless of whether the exam is in the CAT or the linear fixed format. The CISSP CAT will remain between 100-150 items with time limit of three hours. The CISSP linear format will remain 250 items with a time limit of six hours.

Q:

If I have been studying for the CISSP exam with material that focuses on the current domains, will I be sufficiently prepared to take the new exam without additional study?

 
A:

(ISC)² exams are experience-based that include experience-based items that cannot be learned by studying alone. If you already have the experience in the domains covered in CISSP and believe that you have sufficiently studied those domains, you should feel confident that you are qualified to take the new exam and pass it. (ISC)² cannot guarantee you will pass the exam.

Q:

Do these updates affect the experience requirement for the CISSP?

 
A:

No. For the CISSP, a candidate is required to have a minimum of 5 years cumulative paid full-time work experience in 2 or more of the 8 domains of the CISSP CBK.

Q:

What impact do these changes have on (ISC)² training materials?

 
A:

An update to the Official (ISC)² CISSP Training Course (classroom-based and online-instructor led) will be available in May 2021.

Ok