Previously, we compared two leading information security management certifications in our post titled CISM vs CISSP. We also published a detailed post about the CISM certification, and now we are going to look at the CISSP certification in more detail.
Working as an information system security professional is a job that requires a sense of responsibility, credibility, and the ability to handle pressure in hard times. However, during the interview process, there is little time for companies to confirm an interviewee’s qualifications.
Therefore, there are certification tests that show the credibility of a person’s qualifications for a job role. By earning such a certificate, you allow the company you are applying to to judge your skills much more accurately. The same goes for the Certified Information Systems Security Professional (CISSP) certification.
A certified person can take on the role of effectively designing, implementing, and managing a best-in-class cybersecurity program. By becoming CISSP certified, you will be able to unlock a wide array of exclusive resources, education tools, and peer-to-peer networking opportunities.
With that in mind, let’s take a look at what a Certified Information Systems Security Professional is, how long it takes to get the certificate, how much the certification costs, and how much you can earn.
What is Certified Information Systems Security Professional certification
Once you hold the CISSP certification, you will be able to handle the responsibility of an information system security manager. In other words, the CISSP is an information security certificate that focuses on a person’s ability to handle information system security by designing, implementing, and managing it.
The certification was developed by the International Information Systems Security Certification Consortium (ISC)². It is one of the foremost requirements for information security personnel. It is valid in more than 160 countries and is proof of your skills and expertise in information security.
How do I become a Certified Information Systems Security Professional?
To become a Certified Information Systems Security Professional, you first have to register at https://www.isc2.org/Register-for-Exam. After registering, you have to take a CAT (Computer Adaptive Testing) exam, which is available in 8 languages: English, French, German, Brazilian Portuguese, Korean, Spanish, Simplified Chinese, and Japanese. The exam is also available in Visually Impaired Testing Centres for visually impaired candidates.
What is required for CISSP certification?
Like every other certification, there are some criteria that you must meet to take the CISSP certification exam. Let’s take a look at what those criteria are:
- Candidates are required to have a minimum of five years of cumulative paid work experience in two or more of the 8 domains of the CISSP CBK.
- This means your total work experience must add up to at least 5 years of full-time work (you must have worked a minimum of 35 hours/week for four weeks to accrue one month of work experience). If you do not meet these criteria, there is another option: part-time experience also counts (no less than 20 hours a week and no more than 34 hours a week).
Domains of the CISSP CBK
There are seven domains of the Common Body of Knowledge (CBK) that are tested in the CISSP exam:
1. Security and Risk Management
2. Software Development Security
3. Asset Security
4. Security Assessment and Testing
5. Identity and Access Management (IAM)
6. Security Operations
7. Communication and Network Security
8. Security Architecture and Engineering
Relevant Education or Certifications Held
Out of the total 5 years of experience required, either a 4-year educational degree or its regional equivalent can satisfy one year of experience.
Paid as well as unpaid internships are also acceptable, but you will need documentation on the company's or organization's letterhead confirming your position as an intern. If you are an intern at a school, the documentation can be on the registrar’s stationery.
Can you pass CISSP without experience?
We saw that experience is required to hold the certification. However, if you are meeting the above-mentioned criteria you can still take the exam and get yourself certified. Candidates who don’t have the required experience may become an Associate of ISC² by passing the CISSP exam, and then, as associates, they will have 6 years to get 5 years of work experience.
This means that they can first pass the exam, then earn experience while working in the industry, and after gaining enough experience they can get their certificate. So, it’s a more proactive way to get the certificate than the traditional way. This way, students and young professionals who want to achieve greatness but lack experience can still pursue their dreams.
Plus, an Associate of ISC² can also apply for any other ISC² certificate without the experience required for it.
What to do after completing the exam
After completing the exam, you have to subscribe to the ISC² Code of Ethics (https://www.isc2.org/Ethics) and then fill out the endorsement form. Your endorsement form must be signed by another ISC² professional to verify the authenticity of your work experience. The whole process must be completed within 9 months after the exam.
How long is the CISSP valid for?
Getting yourself CISSP certified doesn’t mean that you are certified for life. Like most popular and globally recognized certifications, CISSP ensures that you stay up to date with the current standards of the industry.
This is why, once you have earned the CISSP certification, your CISSP credentials are valid for up to three years.
Once your certification has expired and you want to keep it, you can continue the certification by earning 120 Continuing Professional Education (CPE) credits, because ISC² requires its certified members to hold a minimum of 120 CPE credits.
Professionals have 3 years to maintain their credentials. This means that everyone has to earn at least 40 Continuing Professional Education credits every year. Plus, an annual maintenance fee of $85 must also be paid.
How much does the CISSP exam cost?
The costs of taking the CISSP exam are the following:
Standard Registration – U.S. $599 for specialists and U.S. $699 for non-specialists
Europe, Middle East, and Africa (EMEA)
Standard Registration – EUR 555 for specialists and EUR 650 for non-specialists
Standard Registration – GBP 479 for specialists and GBP 560 for non-specialists
Standard Registration – U.S. $599 for specialists and U.S. $699 for non-specialists
Standard Registration – U.S. $599 for specialists and U.S. $699 for non-specialists
Americas and all other regions which are not listed above
Standard Registration – U.S. $599 for specialists and U.S. $699 for non-specialists
Plus, if you are rescheduling your exam, you have to pay a $50 fine.
How long does it take to study for CISSP?
Every exam needs to be prepared for thoroughly, and CISSP is no exception. According to those who have passed the exam, CISSP exam preparation takes approximately 2-3 months at 4-5 hours a day, but only if done on time. This will be sufficient for you to complete the physical material, including the CISSP study guides, practice tests, etc.
However, you can also join some of the best available online courses, which will help you pass the exam by making sure you are studying constantly, clearing your doubts, and providing you with up-to-date study materials.
Its syllabus includes:
- Software Development Security
- Access Control
- Business Continuity and Disaster Recovery Planning
- Security Architecture and Design
- Security Operations
- Communications and Network Security
How much does CISSP training cost?
The cost of Certified Information Systems Security Professional (CISSP) training may range from $200 to $350. You may choose an online self-paced course or an online boot camp; it all depends on the courses that you choose. Some options cost far more, such as the online self-paced course that costs $2,795 through ISC².
How much do CISSP holders earn?
According to a 2019 report by Global Knowledge based on IT skills and salary, CISSP credential holders earn an average of $116,500, with numbers varying from $109,965 in North America to $76,878 in Asia-Pacific.
This is 20-25% more than their non-degree holder counterparts.
How hard is it to get a CISSP certification?
To be honest, the CISSP exam is indeed a little hard to crack, with only a 20% passing rate. But just like any other exam, enough preparation will make it easier. So, there is no need to give up hope.
Is CISSP worth the effort?
Having earned a CISSP certificate, you earn up to 25% more in salary than a counterpart who doesn’t have one. It shows that you are conscientious about your job and are willing and ready to learn new things.
It will surely help you up-skill yourself as well as gain new opportunities in your current organization and in new ones too. It ranks 3rd among the highest-paying IT certificates, so there is no need to describe its standing at an international level.
But above all that, as a certificate, CISSP shows your knowledge of information security. It gives a business and technology adaptation to risk management. It also provides access to valuable resources, such as idea exchange, peer networking, etc.
To keep it short, I just want to say that having a certification that can show your skill set and help you achieve the promotion or job you were looking for will not be a waste of time. Getting yourself CISSP certified will help you show your employers that you are disposable for the company and serious about getting your job done and about your career. If you are thinking about getting yourself certified, then for sure go for it and study well.