Certified Information Systems Security Professional (CISSP)

Certified Information Systems Security Professional (CISSP) is an information security certification developed by the International Information Systems Security Certification Consortium, also known as (ISC)². The CISSP designation is a globally recognized, vendor-neutral standard for attesting to an IT security professional's technical skills and experience in implementing and managing a security program. The CISSP is a certification sought by IT professionals with job titles such as security auditor, security systems engineer, security architect and chief information security officer, among others.

Download this free guide

Your Guide to Info Sec Certifications

We’ve collected 30+ certifications for you. Which vendor-neutral and vendor-specific security certifications are best for you? Save time by downloading our list organized by experience level.

Start Download

• Corporate E-mail Address:

  You forgot to provide an Email Address.

  This email address doesn’t appear to be valid.

  This email address is already registered. Please login.

  You have exceeded the maximum character limit.

  Please provide a Corporate E-mail Address.

By submitting my Email address I confirm that I have read and accepted the Terms of Use and Declaration of Consent.

By submitting your personal information, you agree that TechTarget and its partners may contact you regarding relevant content, products and special offers.

You also agree that your personal information may be transferred and processed in the United States, and that you have read and agree to the Terms of Use and the Privacy Policy.

To become a CISSP, the candidate must pass the Certified Information Systems Security Professional exam with a scaled score of 700 or higher out of a 1000 point maximum. The six-hour long exam, consisting of 250 questions in multiple choice and "advanced innovative" formats, tests the candidate's knowledge and understanding in eight domains drawn from the more extensive (ISC)² Common Body of Knowledge: security and risk management, asset security, security engineering, communications and network security, identity and access management, security assessment and testing, security operations and software development security.

Candidates are required to have a minimum of five years full-time experience in at least two of the eight domains. They must also complete the CISSP examination agreement, subscribe to the (ISC)² code of ethics, answer several background qualification questions and receive an endorsement from an active (ISC)² certified professional.

As of this writing, the exam costs U.S. $599 in most regions, except for Europe. It is offered in English as well as other languages including French, German, Brazilian Portuguese, Spanish, Japanese, simplified Chinese, Korean and a format for the visually impaired.

To maintain the CISSP certification, candidates are required to earn at least 40 continuing professional education credits each year and pay an annual maintenance fee of U.S. $85.