Top of Page
 

CISSP Domain Refresh FAQ

Q:

Why are changes being made to the CISSP exam?

 
A:

(ISC)² has an obligation to its membership to maintain the relevancy of its credentials. These enhancements are the result of a rigorous, methodical process that (ISC)² follows to routinely update its credential exams. This process ensures that the examinations and subsequent continuing professional education requirements encompass the topic areas relevant to the roles and responsibilities of today's practicing information security professionals.

Q:

How is the CISSP exam changing?

 
A:

The content of the CISSP has been refreshed to reflect the most pertinent issues that information security professionals currently face, along with the best practices for mitigating those issues. Some topics have been updated while others have been realigned. The result is an exam that most accurately reflects the technical and managerial competence required from an experienced information security professional to effectively design, engineer, implement and manage an organization’s information security program within an ever-changing security landscape.


Previous CISSP Domain Name New CISSP Domain Name

Domain 1: Security and Risk Management

Domain 1: Security and Risk Management

Domain 2: Asset Security

Domain 2: Asset Security

Domain 3: Security Engineering

Domain 3: Security Architecture and Engineering

Domain 4: Communications and Network Security

Domain 4: Communication and Network Security

Domain 5: Identity and Access Management

Domain 5: Identity and Access Management (IAM)

Domain 6: Security and Assessment Testing

Domain 6: Security Assessment and Testing

Domain 7: Security Operations

Domain 7: Security Operations

Domain 8: Software Development Security

Domain 8: Software Development Security

 

The domain weights are as follows:

Major Domains Weightings (Percentage)

Domain 1: Security and Risk Management

15%

Domain 2: Asset Security

10%

Domain 3: Security Architecture and Engineering

13%

Domain 4: Communication and Network Security

14%

Domain 5: Identity and Access Management (IAM)

13%

Domain 6: Security Assessment and Testing

12%

Domain 7: Security Operations

13%

Domain 8: Software Development Security

10%

Total

100%

 

Please refer to the CISSP Exam Outline for details.

Q:

Why do domains for (ISC)² credential exams change?

 
A:

Domains change because it is a reflection of a change in the knowledge, skills and abilities, as indicated by experts through the Job Task Analysis process.

Q:

When will these changes go into effect?

 
A:

The changes will begin on April 15, 2018.

Q:

In what language will the refreshed CISSP exam be available?

 
A:

The refreshed CISSP exam will be available in English, French, German, Brazilian Portuguese, Spanish, Japanese, Simplified Chinese and Korean.

Q:

Will this change the number of questions or the time required to take the CISSP exam?

 
A:

No. The CISSP exam will have the same number of items, and the time required to take the exam will be the same.

Q:

If I have been studying for the CISSP exam with material that focuses on the current domains, will I be sufficiently prepared to take the new exam without additional study?

 
A:

(ISC)² exams are experience-based that include experience-based questions that cannot be learned by studying alone. If you already have the experience in the domains covered in CISSP and believe that you have sufficiently studied those domains, you should feel confident that you are qualified to take the new exam and pass it. (ISC)² cannot guarantee you will pass the exam.

Q:

Do these updates affect the experience requirement for the CISSP?

 
A:

No. For the CISSP, a candidate is required to have a minimum of 5 years cumulative paid full-time work experience in 2 or more of the 8 domains of the CISSP CBK.

Q:

What impact do these changes have on (ISC)² training materials?

 
A:

The Official (ISC)² CISSP Training Course (classroom-based and online-instructor led) will be available in April 2018.The Sybex CISSP Study Guide will be available in May 2018. The Official (ISC)² CISSP CBK, Practice Test Book and CISSP for Dummies will be available in the third quarter of 2018.

OK