CISSP Exam Refresh FAQ

English  |  Deutsch  |  日本語  |  한국어  |  简体中文

On April 15, 2024, ISC2 will refresh the CISSP credential exam. These updates are the result of the Job Task Analysis (JTA), which is an analysis of the current content of the credential evaluated by ISC2 members on a triennial cycle. For more information on this process and upcoming update, please review the FAQs below.

Q: Why are changes being made to the CISSP exam?

A: ISC2 has an obligation to its membership to maintain the relevancy of its credentials. These enhancements are the result of a rigorous, methodical process that ISC2 follows to routinely update its credential exams. This process ensures that the examinations and subsequent continuing professional education requirements encompass the topic areas relevant to the roles and responsibilities of today's practicing cybersecurity professionals with the knowledge, skills and abilities to lead an organization’s information security program.

Q: How is the CISSP exam content changing?

A: Domain 1: Security and Risk Management has increased in weight from 15% to 16% while Domain 8: Software Development Security has decreased in weight from 11% to 10%. More detailed differences to the tasks and subtasks can be found in the exam outline.

On April 15, 2024 the domain weights will update as follows:

Domains Previous Weight Weight Effective April 15, 2024
DOMAIN 1
Security and Risk Management 15% 16%
DOMAIN 2
Asset Security 10% 10%
DOMAIN 3
Security Architecture and Engineering 13% 13%
DOMAIN 4
Communication and Network Security 13% 13%
DOMAIN 5
Identity and Access Management (IAM) 13% 13%
DOMAIN 6
Security Assessment and Testing 12% 12%
DOMAIN 7
Security Operations 13% 13%
DOMAIN 8
Software Development Security 11% 10%


Q: When will these changes go into effect?

A: The CISSP exam will be based on the refreshed exam outline on April 15, 2024.

Q: In what language will the refreshed CISSP exam be available?

A: The CISSP exam will be refreshed in all available languages. Currently, the CAT (Computerized Adaptive Testing) format is available in English only. The CISSP exam is available in Chinese, German, Japanese, Korean and Spanish in a linear format.

Q: Will the number of items on the exam, or the time limit for the exam administration change?

A: The time limit for the CAT exam will be a maximum of three (3) hours. Candidates taking the CAT version of the exam will see a minimum of 100 and a maximum of 150 items. The linear exam length will remain 6 hours for 225 scored items. Candidates taking the linear version of the exam will receive 225 total items.

Q: If I have been studying for the CISSP exam with material that focuses on the Domains, will I be sufficiently prepared to take the new exam without additional study?

A: ISC2 exams are experiential and include experience-based questions that cannot be learned by studying alone. If you already have experience in the domains covered in CISSP and believe that you have sufficiently studied those domains, you should feel confident that you are qualified to take the new exam and pass it. ISC2 cannot guarantee you will pass the exam.

Q: When will the training course for CISSP be updated to reflect these changes?

A: The Official ISC2 CISSP training course will be updated on April 15, 2024, to reflect the changes to the exam outline.