CISSP Requirements Guide: Requirements, Trainings, and Cost
(What are the Requirements for CISSP Certification?)
Acquiring the Certified Information Systems Security Professional (CISSP) is a significant stepping stone in any cybersecurity professional's career. The certificate is globally-recognized, and the demand for CISSP holders is increasing day by day. In fact, there's a shortage of 3 million CISSPs all over the world.
Before you start preparing for the exam, you need to be fully aware of the requirements, how the training process goes, and the total cost, and that’s exactly what we’re going to help you figure out in our comprehensive CISSP requirements guide.
What Is CISSP and Who Is It For?
The Certified Information Systems Security Professional (CISSP) certification is one of the most prestigious certificates in the cybersecurity field.
CISSP can be beneficial to you if you currently occupy any of the following job titles:
- Security Systems Engineer
- Chief Information Security Officer
- Director of Security
- Security Analyst
- Security Auditor
- IT Director/Manager
- Chief Information Officer
- Security Manager
- Security Consultant
- Security Architect
- Network Architect
More About (ISC)²
The International Information System Security Certification Consortium or (ISC)² was founded in 1989 in Clearwater, Florida, USA. With over 140,000 members of various nationalities, it’s one of the world’s largest non-profit organizations dedicated to training cybersecurity professionals and granting certificates. The organization is also responsible for setting the standards and benchmarks used in various cybersecurity subdisciplines, including software security, information security, and infrastructure security. The organization also offers other certificates in addition to CISSP, such as CAP, CSSLP, HCISPP, CCSP, and SSCP.
CISSP Experience Requirements
Work Experience
To be able to attempt the CISSP exam, you need to have a minimum of 5 years of work experience in 2 or more of the CISSP domains, which are:
The required work experience can either be achieved through full-time or part-time jobs. However, they’re calculated differently. One month of full-time work experience is equivalent to working for 35 hours/week for 4 consecutive weeks.
On the flip side, 1040 hours of part-time work experience is similar to working for 6 months as a full-timer, and 2080 hours of part-time work experience is equivalent to 12 months of full-time work experience.
Also, if you’ve ever worked as a paid or unpaid intern in one of the security-related domains, it counts as work experience, too. But you need to submit your internship’s documents to prove it.
Also, if you’ve earned another certificate from (ISC)² or other organizations like CompTIA or Cisco, you can substitute it for one year of work experience. Here’s a full list of the accredited certificates:
- GIAC Global Industrial Cyber Security Professional (GICSP)
- GIAC Information Security Fundamentals (GISF)
- GIAC Information Security Professional (GISP)
- GIAC Mobile Device Security Analyst (GMOB)
- GIAC Penetration Tester (GPEN)
- GIAC Security Essentials Certificate (GSEC)
- GIAC Security Leadership Certification (GSLC)
- GIAC Strategic Planning, Policy, and Leadership (GSTRT)
- GIAC Systems and Network Auditor (GSNA)
- HealthCare Information Security and Privacy Practitioner (HCISPP)
- Juniper Networks Certified Internet Expert (JNCIE-SEC)
- Information Security Management Systems Lead Auditor (IRCA)
- Information Security Management Systems Principal Auditor (IRCA)
- Master Business Continuity Professional (MBCP)
- Microsoft 365 Certified Enterprise Administrator Expert
- Systems Security Certified Practitioner (SSCP)
On a side note, if you're a junior cybersecurity professional and don't have any work experience yet, it'd be a good idea for you to pursue the Associate of (ISC)² certification. This certification's prerequisites are suitable for recent college graduates or any cybersecurity professional who has less than one year of work experience.
Additionally, if you have less than 2 years of work experience in cybersecurity, you can apply for the (ISC)² Systems Security Certified Professional (SSCP) certification.
Whether you opt for the Associate of (ISC)², SSCP, or any other certification in the list mentioned above, applying for the CISSP certification will become easier for you down the line once you acquire more work experience.
CISSP Training
When it comes to CISSP training, you have two options; you can either opt for (ISC)²’s official training program or look for other third-party alternatives. The official training program is a bit expensive, costing a whopping $2,795.
Some people rely on the self-study materials provided with the exam application, but that can be pretty risky. The exam is already hard enough, and you don’t want to make things even harder by entirely relying on your self-study efforts.
A training program from a third-party training provider might be the best option for you if you’re on a tight budget. However, it’s worth noting that not all training programs are beneficial. Don’t be deceived by cheap training programs that’ll get you nowhere.
But the price isn’t the only factor that you need to consider here; let’s walk you through the process of selecting an appropriate CISSP training program in more detail.
Online vs. Classroom Learning
The debate between online and in-person learning has been ongoing for a while. However, online education is getting more popular, and it has become a widely accepted alternative to classroom learning for CISSP preparation. It does have some disadvantages, though, like less than adequate communication with instructors and colleagues.
Also, if you don't own a reliable computer with a stable internet connection, things get even more challenging.
On the other hand, online learning has several advantages, like having the luxury of setting your own study hours and learning at your own pace. It also saves you the time and effort needed to commute to the classroom location.
As for classroom learning, some people still prefer it over online learning because interactions are much easier in person than through a computer screen. Also, a classroom setting is more suitable for the instructor to do practical workshops.
Training Provider Reputation
Before enrolling in a CISSP training program from a third-party provider, take time to check what former students have to say about it. Did it help them understand the materials in a better way? Did they pass the exam? Some training providers are officially endorsed by (ISC)², which is a good thing, but that doesn’t mean you should limit yourself to official training providers only.
Several unofficial training providers offer well-rounded training programs at reasonable prices.
Exam Pass Guarantee
While there’s no such thing as a “passing guarantee”, many training providers market their programs with an exam pass guarantee, but it’s not really what you think it is. An exam pass guarantee can mean one of three things:
Mock Tests
Mock tests make up about 70% of your chances of passing the CISSP exam. By practicing with as many mock tests as possible, you’ll become more familiar with the type of questions you should expect in the exam. You’ll also notice that with each mock test, you’ll be able to finish it quicker.
You do get a whopping 6-hour time frame in the exam to answer the questions, but trust us, you’ll need every single minute to think about those tricky, situation-based questions that seem like they have more than one correct answer.
Anyway, here are the details of the CISSP exam for your reference:
Training Program Content
When choosing a training program for your CISSP exam preparation journey, make sure to take a look at the course content first to ensure that it covers everything in (ISC)²’s official CISSP common body of knowledge.
It’s also highly recommended that you pick a course that follows an interactive learning approach with hands-on projects and other assessment methods.
A training program that relies on video presentations, for the most part, won’t really help you that much. Oh, and it’d be even better if the program includes real case studies from the industry.
CISSP Cost
The CISSP exam costs $699, but keep in mind that the cost may vary depending on the exam’s location. And if you decided to reschedule the exam, you’d have to pay a $50 fee, so only book the exam if you’re 100% sure you’ll be able to do it on the set date. Also, if you cancel the exam for any reason, you’ll pay a $100 fine.
However, it's essential to consider that the cost of getting certified as a CISSP isn't limited to the exam price. You'll have to pay for training, which in most cases, will cost you more than the exam itself. And it would be best if you also weighed in the possibility of not passing the exam from the first attempt, too.
According to statistics, only about 20% of CISSP candidates pass the exam on their first attempt. We’re not trying to demotivate you, but it wouldn’t hurt to prepare yourself for the worst-case scenario with such a low CISSP pass rate.
CISSP Retake Policy
Along with the cost of getting certified, you should keep in mind that the CISSP certificate must be renewed once every 3 years for $85/year. However, it’s not just about the fees; you need to earn 40 CPEs (Continuing Professional Education) every year over a 3-year period to become eligible for recertification.
Some of the activities may cost you more money. But still, since you’ll automatically become a member of (ISC)² once you pass the exam and get endorsed by a CISSP holder, you should be able to earn CPEs through discounted or even free training programs or seminars.
Here are some of the activities that you can do to keep your credential going:
- Take courses in cybersecurity
- Publish articles in security-related journals
- Complete academic courses
- Attend security conferences
- Train other professionals in CISSP best practices
- Volunteer
- Become an active member in an association chapter
Frequently Asked Questions
Can I Take the CISSP Exam Without Experience?
You won’t have the opportunity because it’s mandatory to have at least 5 years of relevant work experience to attempt the CISSP exam. Even if you could take the CISSP exam without experience, you won’t be able to pass it because it’s challenging.
What Is the Salary of a CISSP?
Based on the data collected by glassdoor.com, the mean salary of a CISSP in the United States is $102,688 per year. And according to the reports published on payscale.com, that number goes up to $112,234 per year. Of course, these numbers can vary based on your current career level, skills, and location.
Generally speaking, getting certified as CISSP can be very rewarding down the line if you play your cards right.
How Many Hours Should I Study for CISSP?
That’s a tricky question to answer since there isn’t a magical formula that calculates the number of hours you need to study to pass the CISSP exam. Many variables come into play, like your experience and existing knowledge of the CISSP topics.
As a general rule of thumb, preparing for the CISSP should take you somewhere between 3 and 6 months based on the number of hours you can dedicate to studying every day.
Is the CISSP Certification Worth It?
Due to the limited number of CISSP holders, CISSP is highly in demand, which undoubtedly makes it worthwhile for IT security professionals. Not to mention, the certification has respectable global recognition, allowing you to get jobs with it in any part of the world. However, it may not be for everyone, so make sure that the certification aligns with your career goals.
Will CISSP Get Me a Job?
CISSP is hard to obtain, which means that it’s one of the most valuable certificates in the world of cybersecurity. You can’t even attempt the exam unless you have a good deal of experience under your belt. The CISSP certification doesn’t guarantee you that you’ll get a particular job, but it definitely helps you stand out from the crowd and impress your potential employers.
Which Is Better: CISSP or Security+?
Well, it really depends on your current career stage. If you’ve only recently started out in the IT security field, the Security+ certification would be an excellent option for you.
On the other hand, if you’re a senior IT security professional who’s already taken many certificates and has around 5 years of work experience in 2 or more of the CISSP domains, then the CISSP certification would be the logical choice here.
However, even if you’re at the beginning of your career, considering the CISSP certification as your long-term goal isn’t a bad idea.
Final Thoughts
Pursuing the CISSP certification is a long journey that requires dedication, time, money, and effort. Nevertheless, it’s an investment that can take your career to the next level, so it’s definitely worthwhile.
By now, you should’ve developed more awareness about the CISSP certification requirements, training, and costs. Things may seem overwhelming at first, but once you book the exam and start studying, you should be more comfortable with the whole process.
So, what are you waiting for? Fill out the application form, and once you’re accepted, enroll in a training program, get your CISSP ebook guide, and start studying!