Certified Information Systems Security Professional (CISSP)

Reviewed by Margaret Rouse | Last updated: September 15, 2021

What Does Certified Information Systems Security Professional (CISSP) Mean?

Certified Information Systems Security Professional (CISSP) is a vendor-neutral, independent certification offered by the International Information System Security Certification Consortium, otherwise known as (ISC)².

This globally recognized certification is designed to show an employer that a job candidate has the knowledge and experience necessary to effectively design, implement and manage an organization's cybersecurity.

Individuals seeking CISSP certification must pass a comprehensive 3-hour exam that consists of 100 to 150 questions and covers 8 broad information security domains. The eight testing domains for CISSP certification are:

  • Security and Risk Management
  • Asset Security
  • Security Architecture and Engineering
  • Communication and Network Security
  • Identity and Access Management (IAM)
  • Security Assessment and Testing
  • Security Operations
  • Software Development Security

To qualify for the CISSP exam, candidates must either have five years of security experience or four years of experience in addition to a security-related university or college degree.

If a candidate doesn’t yet have the required work experience, they have the option of taking and passing the exam to become an Associate of (ISC)². Associates are allowed six years to earn the work experience needed for full CISSP certification.


Techopedia Explains Certified Information Systems Security Professional (CISSP)

The CISSP exam is administered by Pearson VUE and is known for being difficult to pass the first time around because it covers such a broad range of infosec topics.

Candidates can prepare for the exam by registering for a training course or using free study guides and online practice exams. Once certified, candidates become members of (ISC)² and must apply for recertification every three years by earning continuing professional education (CPE) credits and paying (ISC)² a fee.

Who should take the CISSP Exam?

  • Chief Information Security Officers
  • Chief Information Officers
  • Security Directors
  • Security Systems Engineers
  • Security Analysts
  • Security Auditors
  • Security Architects
  • Security Consultants
  • Network Architects
  • IT Directors
  • IT Managers

What is the Average CISSP Salary?

CISSP is intended for both experienced security practitioners and executives who are interested in proving their knowledge across a wide range of security best practices. Professionals who earn the CISSP certification are among the most sought-after job candidates in information technology and, according to recent surveys, salaries can be expected to range between $59,000 and $194,000.

Advanced CISSP certifications

Advanced CISSP certifications are also offered in three different specializations. To qualify for advanced certs, candidates must be a CISSP in good standing and have two years of cumulative, paid work experience in at least one relevant test domain.

CISSP Architecture (CISSP-ISSAP) – the successful candidate demonstrates they know how to design security programs and provide management with risk-based guidance to meet organizational goals.

CISSP Management (CISSP-ISSMP) - the successful candidate must demonstrate they excel at creating and governing an organization's infosec programs.

CISSP Engineering (CISSP-ISSEP) - the successful candidate must demonstrate they have the necessary knowledge and practical skills to incorporate security in all areas of business operations.



