Ask the Expert

Work experience required for student taking CISSP exam

I am an Information Systems student currently taking Security for Organizations as my area of specialization. Am I required to have work experience in the IT security field to take the CISSP exam?

    Requires Free Membership to View

Let me quote from the CISSP applicant requirements:

"Have a minimum four years of direct full-time security professional work experience in one or more of the ten test domains of the information systems security Common Body of Knowledge (CBK) or three years of direct full-time security professional work experience in one or more of the ten test domains of the information systems security Common Body of Knowledge (CBK) with a college degree or equivalent life experience. Valid experience includes information systems security-related work performed as a practitioner, auditor, consultant, vendor, investigator or instructor, or that which requires IS security knowledge and involves direct application of that knowledge."

To begin my reply to your query, the words "direct full-time security professional work experience" already suggest that a degree by itself is not enough, but the statement "three years of direct full-time security professional work experience in one or more of the ten test domains of the information systems security Common Body of Knowledge (CBK) with a college degree or equivalent life experience" is pretty conclusive that real-world on-the-job experience is absolutely required in addition to the degree program you're pursuing. On the other hand, if you can make a case that part-time work or unpaid research work counts as "on the job experience" you might be able to appeal to them for special treatment.

I just talked to a very helpful guy at ISC-squared and learned that my surmise is correct: it's highly unlikely that you can replace more than one year of the four-year requirement with academic studies right now, because of the extreme importance of hands-on, in the trenches, on-the-job experience in working with security. Feel free to file your own appeal or to raise the question directly with them if you like, but I'm pretty sure you'll get the same response I'm giving you now (just having talked it through with Phil Wind of ISC-squared by phone). You will find contact information for the group at https://www.isc2.org/cgi-bin/contact.cgi.

Thanks for your inquiry. Good luck with your certification pursuits.


For more information on this topic, visit these other SearchSecurity.com resources:
Ask the Expert: How to become a CISSP
Ask the Expert: Online study resources for CISSP
Ask the Expert: Experience qualifications for CISSP


This was first published in January 2003

There are Comments. Add yours.

 
TIP: Want to include a code block in your comment? Use <pre> or <code> tags around the desired text. Ex: <code>insert code</code>

REGISTER or login:

Forgot Password?
By submitting you agree to receive email from TechTarget and its partners. If you reside outside of the United States, you consent to having your personal data transferred to and processed in the United States. Privacy
Sort by: OldestNewest

Forgot Password?

No problem! Submit your e-mail address below. We'll send you an email containing your password.

Your password has been sent to: