Our Credentialing Process
Receiving your (ISC)² credential is a several-step process:
1. Obtain the Required Experience
Valid experience includes information systems security-related work performed, or work that requires information security knowledge and involves direct application of that knowledge.
2. Study for the Exam
- Download the Candidate Information Bulletin
- Test your knowledge with studISCope from (ISC)², an actual simulation of the exam situation you will face for your certification. studISCope serves as an indispensable analytical study tool and personalized study planner.
- Take an Official (ISC)² CBK Review Seminar. These in-classroom seminars help you review and refresh your knowledge of information security. Conducted by (ISC)² Authorized Instructors, each of whom is up-to-date on the latest information security-related developments and is an expert in credential-specific domains. Or, sign up for (ISC)²’s Live OnLine course, available over the Internet in real-time – a convenient way to take advantage of our proven review seminars from your laptop or desktop anywhere in the world.
3. Schedule the CBT Exam
- Create an account at Pearson Vue and schedule your exam.
- Complete the Examination Agreement, attesting to the truth of your assertions regarding professional experience, and legally committing to the adherence of the (ISC)² Code of Ethics.
- Submit the examination fee.
4. Pass the Exam
Pass the examination with a scaled score of 700 points or greater. Read the Exam Scoring FAQs .
5. Complete the Endorsement Process
Once you are notified that you have successfully passed the examination, you will be required to have your application endorsed before the credential can be awarded. An endorsement form for this purpose must be completed and signed by an (ISC)² certified professional who is an active member, and who is able to attest to your professional experience. With the Endorsement Time limit, you are required to become certified within nine (9) months of the date of your exam OR become an Associate of (ISC)². If you do not become certified or an Associate of (ISC)² within nine (9) months of the date of your exam you will be required to retake the exam in order to become certified. [(ISC)² can act as an endorser for you if you cannot find a certified individual to act as one.] Please refer to the Endorsement Assistance Guidelines for additional information about the endorsement requirements.
6. Maintain the Certification
Recertification is required every three years, with ongoing requirements to maintain your credentials in good standing. This is primarily accomplished through continuing professional education [CPE] credits. More information on qualifying CPEs will be available upon certification. All certfications also require an annual maintenance fee. For more details, please visit our certification pages for SSCP, CAP, CSSLP, CISSP or CCFP.
Passing candidates will be randomly selected and audited by (ISC)² prior to issuance of any certificate. Multiple certifications may result in a candidate being audited more than once.