ISC2 examinations are the preeminent experience in cybersecurity certifications. To maintain this status, our team and community collaborate ensuring that the exams stay relevant, secure and comprehensively address the skills needed to support today’s cyber climate. Each ISC2 examination is in a constant rotating cycle of evolution.

The ISC2 Qualifications Team partners with ISC2-certified member volunteers to verify that the exam content is evolving with the latest policy, technology and workplace best practices. These subject matter experts (SMEs) participate in Job Task Analyses (JTAs) which take a close look at the knowledge, skills and abilities (KSAs) needed to successfully perform activities in today’s cybersecurity roles.

Job Task Analysis

JTAs are typically conducted every three years as the first phase of the Exam Development Lifecycle for each certification. However, the frequency can shift to meet the dynamic, real-world changes of the cybersecurity landscape. A three-step process combines panel workshops and survey data tied to job definitions and eligibility requirements that level set expectations for the certification in review.

ISC2 members have three opportunities to experience and engage in the JTA process:

  1. Initial Workshop - Volunteer SMEs review the certification exam outline and recommend updates. Tasks are evaluated to remove those that are outdated and add in the latest developments. This workshop produces a new exam outline recommendation.
  2. Certification Holder Survey - Certification holders are emailed a survey in which they can rate the importance and frequency of the suggested tasks, knowledge, skills and abilities. Respondents can also propose additional suggestions.
  3. Survey Results Workshop - A second group of volunteer SMEs review the survey results and consider the additional task/KSA recommendations. The final product is an exam outline that contains the domain and task weighting (number of questions) used to construct future exams.

Each JTA step takes six to nine months to complete. In addition to the opportunities mentioned, ISC2 captures on-going information after Exams Content Development Workshops (e.g., item writing and item review) and conducts short, bi-monthly surveys to discover emerging tools, software and/or methodologies that have become the standard or best practice since previous JTA.

Collectively, these sessions and surveys support the on-going development of exam content, ensuring that candidates are prepared to take on the topic areas most relevant to the roles and responsibilities of today’s practicing cybersecurity professionals.

Get Involved

ISC2 members are encouraged to share their experience as an SME volunteer. Join a global community working together to support the future of the profession. ISC2 volunteers receive continuing professional education (CPE) credits and expand their professional networks. To hear about the latest exam workshop opportunities, register as an ISC2 Volunteer.