Top of Page
 

CCSP LogoCertified Cloud Security Professional

 

Prove You’re on the Forefront of Cloud Security

In the ever-changing world of the cloud, you face unique security challenges every day — from new threats to sensitive data, to uneducated internal teams.

Take command with the CCSP: the premier cloud security certification.

The CCSP is a global credential that represents the highest standard for cloud security expertise. It was co-created by (ISC)² and Cloud Security Alliance — leading stewards for information security and cloud computing security.

When you earn this cloud security certification, you prove you have deep knowledge and hands-on experience with cloud security architecture, design, operations and service orchestration. Start earning your CCSP today.

Steps to Certification

  1. Step 1
  2. Step 2
  3. Step 3
  4. Step 4

Get the Needed Experience

To qualify for the CCSP certification, you must have:

  • A minimum of five years cumulative, paid, full-time work experience in information technology
  • Of which three years must be in information security and one year in one or more of the six domains of the CCSP Common Body of Knowledge (CBK)

Earning CSA’s CCSK certificate can be substituted for one year of experience in one or more of the six domains of the CCSP CBK. 

Earning (ISC)²’s CISSP credential can be substituted for the entire CCSP experience requirement.

Don’t have the required work experience yet? You can take and pass the CCSP exam to earn an Associate of (ISC)² designation. Then, you’ll have up to six years to earn your required work experience for the CCSP.

Create an Account at Pearson VUE and Schedule Your Exam

To schedule an exam, you must create an account at Pearson VUE.

Pearson VUE is the leading provider of global, computer-based testing for certification and licensure exams. You can find details on testing locations, policies, accommodations and more on their website.

Once you’ve set up your account and are ready to register, you’ll need to:

  • Complete the Examination Agreement. You agree to the truth of your assertions regarding professional experience. You also legally commit to the adherence of the (ISC)² Code of Ethics.
  • Review the Candidate Background Questions.
  • Pay the exam fee.

Pass the Exam

This is the day to show your greatness! You’ll have four hours to complete the 125 exam questions.

You must pass the exam with a scaled score of 700 points or greater.

Want more details? Read our exam scoring FAQs.

Subscribe to the (ISC)² Code of Ethics and Get Endorsed

Let’s say you pass the exam. Then what?

Before this cloud security certification can be awarded, you have to:

  • Subscribe to the (ISC)² Code of Ethics.
  • Have your application endorsed.

Your endorsement form must be completed and signed by an (ISC)² certified professional. He or she needs to be an active member who can confirm your professional experience.

(ISC)² can endorse you if you can’t find a certified individual.

You have nine months from the date of the exam to complete these steps. If you don’t, you have to retake the exam to get certified.

Want to learn more? Read our endorsement assistance guidelines. >

(ISC)²'s bi-monthly e-newsletter Cloud Security INSIGHTS, delivers timely, must-read original articles for the professional development of infosecurity practitioners focused on cloud security.

Read the Latest Issue

Get to Know the CCSP

  • Why Become a CCSP Why Become a CCSP

    Your time is valuable, and you need to use it wisely. Here’s why the CCSP is a smart investment:

    • Instant credibility and differentiation. The CCSP positions you as an authority figure on cloud security. It’s a quick way to communicate your knowledge and earn trust from your clients or senior leadership.
    • Unique recognition. When you earn the CCSP, you achieve the highest standard for cloud security expertise. This certification is powered by the two leading non-profits focused on cloud and information security: CSA and (ISC)². It’s vendor-neutral, and you need practical knowledge and experience to earn it. Quite simply, there is no other cloud security certification like it.
    • Staying ahead. The CCSP can enhance your working knowledge of cloud security principles and practices. It can keep you current on evolving technologies, new threats and new mitigation strategies. And it can fill in unknown gaps in your knowledge. You’ll stay ahead.
    • Versatility. Because the CCSP is vendor-neutral, you can use your knowledge across a variety of different cloud platforms. This not only makes you more marketable, it ensures you’re better equipped to protect sensitive data in a global environment.
    • Career advancement. The CCSP creates opportunities. For example, as a consultant, it can help you expand into cloud services and win new business. If you’re an internal subject matter expert, it can help you move into more strategic roles. 

    What the Industry Is Saying About the CCSP

    The CCSP is ANSI-Accredited
    The CCSP certification is accredited by the American National Standards Institute (ANSI). This means it complies with the International Organization for Standardization and International Electrotechnical Commission (ISO/IEC) 17024 Standards. Why is accreditation important when choosing a certification program?

    Visit the Institute for Credentialing Excellence website for details.

  • Should You Pursue the CCSP? Should You Pursue the CCSP?

    The CCSP is one of the hottest certifications on the market today. But is this cloud security certification right for you? The answer is yes if you:

    • Are an experienced IT professional who’s involved with IT architecture, web and cloud security engineering, information security, governance, risk and compliance or IT auditing.
    • Are heavily involved with the cloud (or you’d like to be) in a global environment. You’re responsible for migrating to, managing or advising on the integrity of cloud-based software, such as SalesForce, Office 365, Optum, Impact Cloud, JIRA Software, SharePoint or CTERA.
    • Are an early adopter who loves being on the leading edge of technology.
    • Are passionate about security.
    • Want to differentiate yourself (or your business).
    • Want to stay up-to-speed on rapidly evolving cloud technologies, threats and mitigation strategies.

    In addition, many who pursue the CCSP find it useful for working with organizations committed to DevSecOps, Agile or Bimodal IT practices.

    The CCSP is ideal for those working in roles such as:

    • Enterprise Architect
    • Security Administrator
    • Systems Engineer
    • Security Architect
    • Security Consultant
    • Security Engineer
    • Security Manager
    • Systems Architect
  • Mastering the Domains on the Exam Mastering the Domains on the Exam

    The CCSP exam tests your skills in six domains. The domains draw from a range of cloud security topics within the (ISC)² Common Body of Knowledge (CBK).

    Here’s a closer look at the CCSP domains and how they’re weighted on the exam:

    Domains Weight
    1. Architectural Concepts and Design Requirements 19%
    2. Cloud Data Security 20%
    3. Cloud Platform and Infrastructure Security 19%
    4. Cloud Application Security 15%
    5. Operations 15%
    6. Legal and Compliance 12%
    Total 100%


    Architectural Concepts and Design Requirements

    • Understand cloud computing concepts
    • Describe cloud reference architecture
    • Understand security concepts relevant to cloud computing
    • Understand design principles of secure cloud computing
    • Identify trusted cloud services

    Cloud Data Security

    • Understand cloud data lifecycle
    • Design and implement cloud data storage architectures
    • Design and apply data security strategies
    • Understand and implement data discovery and classification technologies
    • Design and implement relevant jurisdictional data protections for personally identifiable information (PII)
    • Design and implement data rights management
    • Plan and implement data retention, deletion, and archiving policies
    • Design and implement auditability, traceability and accountability of data events

     Cloud Platform and Infrastructure Security

    • Comprehend cloud infrastructure components
    • Analyze risks associated to cloud infrastructure
    • Design and plan security controls
    • Plan disaster recovery and business continuity management

    Cloud Application Security

    • Recognize the need for training and awareness in application security
    • Understand cloud software assurance and validation
    • Use verified secure software
    • Comprehend the software development life-cycle (SDLC) process
    • Apply the secure software development life-cycle
    • Comprehend the specifics of cloud application architecture
    • Design appropriate identity and access management (IAM) solutions

    Operations

    • Support the planning process for the data center design
    • Implement and build physical infrastructure for cloud environment
    • Run physical infrastructure for cloud environment
    • Manage physical infrastructure for cloud environment
    • Build logical infrastructure for cloud environment
    • Run logical infrastructure for cloud environment
    • Manage logical infrastructure for cloud environment
    • Ensure compliance with regulations and controls (e.g., ITIL, ISO/IEC 20000-1)
    • Conduct risk assessment to logical and physical infrastructure
    • Understand the collection, acquisition and preservation of digital evidence
    • Manage communication with relevant parties

    Legal and Compliance

    • Understand legal requirements and unique risks within the cloud environment
    • Understand privacy issues, including jurisdictional variation
    • Understand audit process, methodologies, and required adaptions for a cloud environment
    • Understand implications of cloud to enterprise risk management
    • Understand outsourcing and cloud contract design
    • Execute vendor management
  • Getting CCSP Training That’s Right for You Getting CCSP Training That’s Right for You

    Prepare for your CCSP exam through a combination of training courses and individual study. And learn from (ISC)² — the creator of the CCSP CBK!

    Simply choose the best training format for your schedule, needs and learning style.

    Classroom-Icon

    Classroom-Based Training

    • Ideal for hands-on learners. The most thorough review of the CCSP CBK, industry concepts and best practices.
    • Five-day training event delivered in a classroom setting. Eight hours a day.
    • Available at (ISC)² facilities and through (ISC)² Official Training Providers worldwide.
    • Led by authorized instructors.

    Get details on Classroom-Based Training.


    School-Icon

    Private On-Site Training

    • A cost-effective and convenient training solution if your organization has 10 or more employees taking the exam.
    • Tailored to your team’s schedule, budget and certification requirements.
    • Conveniently taught in your office space or a local venue.
    • Led by authorized instructors

    Get details on Private On-Site Training.

    Instructor-Icon

    Instructor-Led Training

    • Participate from the convenience of your computer. This saves you travel time and expense.
    • Weekday, weekend and evening options to fit your needs.
    • Comprehensive review of the CBK, so you’re ready for this cloud security certification.
    • Delivered in a variety of schedules with weekday, weekend, and evening options to suit your needs.
    • Access to recordings of all course sessions for 60 days.
    • Led by authorized instructors.

    Get details on Instructor-Led Seminars.


    Self-Paced Icon

    Self-Paced Training

    • A powerful alternative to traditional classroom training. You’ll use modular training and interactive study materials.
    • Virtual lessons taught by authorized instructors through HD video.
    • Rich content equal to classroom training. It meets certification course requirements.
    • 120 days to access the content from any web-enabled device. Available any time and as often as you want.

    Get details on Self-Paced Training.

    CCSP Training Course Overview

    Our training helps you fully prepare for this cloud security certification. You will:

    • Review, refresh and expand your cloud security knowledge.
    • Identify areas you need to study for the CCSP exam.

    You can expect an in-depth review of the six domains of the CCSP CBK — including discussion of industry best practices and timely cloud security concepts.

    (ISC)² authorized instructors lead all our training. You’re learning from industry experts who understand you. They know how to make the content highly relatable. And they go through a rigorous process to teach to our CBK.

    Plus, we use proven adult learning techniques to reinforce topics. This approach increases how much information you retain. Our techniques are highly interactive. They focus on real-world learning activities and scenarios, so you get the most out of training.

    Self-Study Tools

    In addition to training, we offer resources to help you with self-study. Our resources include the:

  • Taking Your CCSP Exam Taking Your CCSP Exam
    Length of exam

    Up to 4 hours

    Number of questions

    125 questions

    Question format

    Multiple choice

    Passing grade

    A passing score is 700 out of 1000 points

    Exam Language

    English

    Testing Center

    Pearson Vue Testing Center

    Ready to sign up for the exam? Visit the Pearson VUE website to create an account and book your exam.

  • Maintaining or Regaining CCSP Certification Maintaining or Regaining CCSP Certification

    Once you’ve earned this cloud security certification, you become a member of (ISC)2. You enter one of the largest communities of information security professionals in the world. You gain access to unparalleled global resources and networking.

     

    Quite simply, you have endless opportunities to grow and refine your craft.

     

    But certification is a privilege that must be earned and maintained. To remain in good standing with your CCSP, you need to:

    • Abide by the (ISC)² Code of Ethics.
    • Earn and post Continuing Professional Education (CPE) credits.
    • Pay your Annual Maintenance Fee (AMF).

    Here’s a closer look at each.

    Abiding by the (ISC)² Code of Ethics
    You agree to fully support and follow the (ISC)² Code of Ethics.

    Earning and Posting CPE Credits
    Cloud security technology is constantly changing. (You know this well!) You need to earn CPE hours to stay well-rounded and keep up your expertise.

    For the CCSP, you need to earn and post a minimum of 30 CPE credits per year. You need to do so before your certification annual anniversary date.

    CPEs may sound like a big task. However, (ISC)² makes it easy for you to earn your CPE credits on a regular basis.

    We offer access to:

    • Live educational events around the world.
    • Online seminars that can be taken in the comfort of your home or office. They’re available exclusively to (ISC)² members.
    • And many more learning opportunities.

    Paying Annual Maintenance Fees (AMFs)
    Once you earn this cloud security certification, you must pay USD$100 each year of your three-year certification cycle. Your payment is due before your certification or re certification annual anniversary date. 

    Your payments help ensure that (ISC)2 has the financial resources to:

    • Be a functional, dynamic entity for leading information security and IT professionals (like you) far into the future.
    • Develop more CPE opportunities.
    • Continue to meet the certification needs and requirements of information security professionals.
    • Maintain member records.

    How to Regain Membership if Your CCSP Ends

    If you wish to regain membership, you’ll need to:

    • Pay any outstanding AMF payments. (This needs to take place before you sit for the exam.)
    • Retake and pass the exam to become certified again.
    • Contact Member Services to reactivate your certification after you pass the exam.

    Do you have questions about maintaining your CCSP certification? Ask Member Services

     

CCSP Exam Download

Become a Cloud Security Expert Today

Download Your Free CCSP Exam Outline