Certified Information Systems Security Professional, or CISSP, is an information systems certification and a recognized standard of achievement. Its objective is to provide information security professionals with a measurement of competence that is recognized all over the world. The CISSP certification is associated with knowledge of information security as well as commitment to the profession.
CISSPs are information assurance professionals responsible for outlining the design, architecture, management and controls that guarantee the security of an organization. No other information security certification in this field has such strict requirements of the International Organization for Standardization and International Electrotechnical Commission. The critical security topics on which CISSPs are authorities include cloud computing, risk management, application development security, mobile security and much more.
CISSP gained importance in the mid-1980s, as there was a need for a structured certification program. A number of organizations became interested, and a non-profit organization was formed with the goal of demonstrated competence and a well-structured certification program.
The organization that creates CISSP is (ISC)². It is a non-profit organization that manages the CISSP programs and their execution. There are about 90,135 members with CISSP certifications in 143 countries all over the world. Positions in many governmental agencies and large companies require credentialed practitioners, and the certification offers high earning potential and greater career opportunities.
The CISSP examination is promoted as an aid to assessing personal performance in information security functions. The examination is 6 hours long and consists of 250 multiple-choice questions associated with the following topics and domains:
- Security Management Practices
- Information security governance and risk management
- Software development security
- Security architecture and design
- Business continuity and disaster recovery planning
- Operations Security
- Telecommunications and network security
- Legal, regulations, investigations and compliance
- Access Control System
- Physical security
The courses are administered by (ISC)² on its terms. The examination is based on what (ISC)² terms the Common Body of Knowledge, or CBK. The terms and principles of the CISSP CBK are established through a framework that lets information security professionals debate the matters affecting the profession from a common understanding. Examination candidates are required to have a minimum of five years' work experience in any two or more domains, or four years' work experience with a college degree and a qualification from (ISC)².
There are some requirements to fulfill once the exam has been passed. The credential is valid for three years and is renewed by taking the exam again or by earning 20 CPEs. The three-year certification cycle requires earning at least 20 CPEs every year.