Certified Information Systems Security Professional (CISSP)

Certified Information Systems Security Professional 

(CISSP)

Certified Information Systems Security Professional (CISSP) is an information security certification developed by the International Information Systems Security Certification Consortium, also known as (ISC)². The CISSP designation is a globally recognized, vendor-neutral standard for attesting to an IT security professional's technical skills and experience in implementing and managing a security program. The CISSP is a certification sought by IT professionals with job titles such as security auditor, security systems engineer, security architect and chief information security officer, among others.

To become a CISSP, the candidate must pass the Certified Information Systems Security Professional exam with a scaled score of 700 or higher out of a 1000 point maximum. The six-hour long exam, consisting of 250 questions in multiple choice and "advanced innovative" formats, tests the candidate's knowledge and understanding in eight domains drawn from the more extensive (ISC)2 Common Body of Knowledge: security and risk management, asset security, security engineering, communications and network security, identity and access management, security assessment and testing, security operations and software development security.

Candidates are required to have a minimum of five years full-time experience in at least two of the eight domains. They must also complete the CISSP examination agreement, subscribe to the (ISC)2 code of ethics, answer several background qualification questions and receive an endorsement from an active (ISC)2 certified professional.