A version of this article was first published on HIPAA Vault’s
As an organization that focuses on managed security, HIPAA Vault is often asked how to enter the cybersecurity field and become an IT Security Expert. For those interested in this field of study, a CISSP certification may be helpful. Here is a guide to help you get your CISSP:
Pursuing CISSP certification
Excel in the information security career field. This certification will raise visibility and credibility, improve job security, and generate new business opportunities. The Certified Information Systems Security Professional (CISSP) curriculum covers a variety of Information Security topics, including Risk Management, Communications, Identity and Access Management, Assessment and Testing, Operations, and Software Development. The certification exam is a rigorous test of Information Security knowledge and expertise. Becoming a CISSP helps to provide an increased understanding of the Common Body of Knowledge (CBK) for cybersecurity. This collection of topics is relevant to Information Security professionals around the globe because it establishes a common framework of information security terms and principles. Becoming a CISSP also brings access to and membership in the International Information Systems Security Certification Consortium (ISC)² community, a global community of members who share ideas and find new ways to improve security practices at large. CISSP knowledge focuses on the practical application of cybersecurity knowledge by expanding the skills needed to fulfill day-to-day operational activities.
Prerequisites/Prior Experience
A minimum of five (5) years of full-time work experience in an Information Technology security-related field, covering at least two (2) of the (ISC)² information security domains, is required. One (1) of those years can be waived by having a Bachelor’s or Master’s degree in Information Security OR having obtained other related Information Security certifications. If the required experience has not yet been met, the Associate of (ISC)² designation can be achieved by passing the CISSP exam; it is good for no more than six (6) years. During this time, once the experience requirements have been met, an endorsement form is submitted and the certification can then be converted to CISSP status.
Passing the Exam
The CISSP exam requires a score of 700 or higher to pass. Test registration is done through an authorized testing facility such as Pearson VUE. Exam pricing depends on whether registration is early ($549) or standard ($599). The CISSP exam is an endurance test consisting of 250 multiple-choice questions to be answered in a 6-hour time window.
Endorsement Required
After passing the CISSP exam, additional work is still needed: an endorsement form must be completed. An active (ISC)² member in good standing has to attest to the experience requirements. Once this member receives and approves the endorsement, CISSP status is fully achieved.
Audit Preparation
The CISSP application process must be completed honestly and accurately, as (ISC)² randomly selects certified individuals for an audit. If falsified information is identified during this process, (ISC)² may consider revoking the CISSP certification status. Always remember that “Honesty is the best policy,” a core principle of the (ISC)² Code of Ethics that must be affirmed during the initial application process.
Certification Expiry/Renewal Information
CISSP certification status expires after three years. During this time, 120 continuing professional education (CPE) credits need to be fulfilled, with a minimum of 40 CPE credits posted per year before the certification’s annual anniversary date. (ISC)² provides further details about these requirements upon certification. There is also an annual membership fee ($85) required to maintain good standing and certification status. This payment is due by the anniversary date of acquiring the certification. Maintenance fees help the (ISC)² Community to support leading Information Security professionals, develop new CPE opportunities, and continue providing this certification track to new and existing members. If (ISC)² membership lapses and needs to be reinstated, any outstanding fees have to be paid and the CISSP exam has to be retaken and passed; then (ISC)² Member Services can reactivate the certification status.