Top of Page

CISSP LogoCertified Information Systems Security Professional


Get the Premier Cybersecurity Certification

Note: Effective April 15, 2018, the CISSP exam will be based on a new exam outline. The domains and their weights have changed. Please refer to the CISSP Exam Outline and our FAQs for details.

You live and work on the forefront of information security. Every day malicious hackers grow smarter. You always have to stay one step ahead to keep your company safe.

Prove you have what it takes with the CISSP certification!

This cybersecurity certification is an elite way to demonstrate your knowledge, advance your career and become a member of a community of cybersecurity leaders. It shows you have all it takes to design, engineer, implement and run an information security program.

The CISSP is an objective measure of excellence. It’s the most globally recognized standard of achievement in the industry. And this cybersecurity certification was the first information security credential to meet the strict conditions of ISO/IEC Standard 17024.

Are you up for the challenge?

Steps to Certification

  1. Step 1
  2. Step 2
  3. Step 3
  4. Step 4

Meet CISSP Eligibility

To qualify for this cybersecurity certification, you must have:

  • At least five years of cumulative, paid, full-time work experience
  • In two or more of the eight domains of the (ISC)2 CISSP Common Body of Knowledge (CBK)

Don’t have enough work experience yet? There are two ways you can overcome this obstacle.

You can satisfy one year of required experience with:

Your second option is to take and pass the CISSP exam to earn an Associate of (ISC)2 designation. Then, you’ll have up to six years to earn your required work experience for the CISSP.

Create an Account at Pearson VUE and Schedule Your Exam

To schedule an exam, you must create an account at Pearson VUE.

Pearson VUE is the leading provider of global, computer-based testing for certification and licensure exams. You can find details on testing locations, policies, accommodations and more on their website.

Once you’ve set up your account and are ready to register, you’ll need to:

  • Complete the Examination Agreement. You agree to the truth of your assertions regarding professional experience. You also legally commit to the adherence of the (ISC)² Code of Ethics.
  • Review the Candidate Background Questions.
  • Pay the exam fee.

Pass the Exam

This is the day to show your greatness! You’ll have 3 hours to complete a maximum of 150 exam items on the CISSP exam.

You must pass the exam with a scaled score of 700 points or greater.

Want more details? Read our exam scoring FAQs.

NOTE: The (ISC)² CISSP English exam will be conducted via Computerized Adaptive Testing (CAT) only. Learn how CISSP CAT benefits you.

If you are taking the CISSP exam in any language other than English, you will be evaluated using a linear, fixed-form exam based on the same exam content outline. You will have a maximum of 6 hours to complete 250 exam items.

Subscribe to the (ISC)² Code of Ethics and Get Endorsed

Let’s say you pass the exam. Then what?

Before this cybersecurity certification can be awarded, you have to:

  • Subscribe to the (ISC)² Code of Ethics.
  • Have your application endorsed.

Your endorsement form must be completed and signed by an (ISC)² certified professional. He or she needs to be an active member who can confirm your professional experience.

(ISC)² can endorse you if you can’t find a certified individual.

You have nine months from the date of the exam to complete these steps. If you don’t, you have to retake the exam to get certified.

Want to learn more? Read our endorsement assistance guidelines.

Get to Know the CISSP

  • Why Become a CISSP Why Become a CISSP

    Here are just a few reasons to pursue the CISSP certification. You will:

    • Catapult your career. As other CISSPs will tell you, this certification will raise your visibility and credibility, improve your job security, create new opportunities for you or even increase your salary — depending on your country and employer. On average, (ISC)² members report having 35 percent higher salaries than non-members. (Source: “2017 Global Information Security Workforce Study”)
    • Challenge yourself to grow and be better. The CISSP exam is a rigorous test of your knowledge. But well beyond the exam, the CISSP is about reaching a deeper, better and broader understanding of the common body of knowledge for cybersecurity. It’s an exhilarating feeling to become a CISSP.
    • Give yourself access to (and respect from) a global community of peers. Information security careers can feel isolating at times. With the CISSP, you earn membership in (ISC)² — a global community of thought leaders. You’ll meet experts who share your passion. You’ll be able to share ideas and find new ways to improve your craft. And you’ll open yourself up to connections around the world.
    • Strengthen the skills you need to protect your organization. The CISSP focuses on the practical application of cybersecurity knowledge and tools. It explores actual, on-the-job issues and risks. And it gives you a systematic approach to cybersecurity. All of this means you’ll expand the skills and knowledge you need to fulfill your duty to your organization.


    What the Industry Is Saying About the CISSP

    The CISSP is ANSI-Accredited
    The CISSP certification is accredited by the American National Standards Institute (ANSI). This means it complies with the International Organization for Standardization and International Electrotechnical Commission (ISO/IEC) 17024 Standards. Why is accreditation important when choosing a certification program? Visit the Institute for Credentialing Excellence website for details.
  • Should You Pursue the CISSP? Should You Pursue the CISSP?

    You’re the type who craves challenges. You’re always looking for ways to expand your knowledge. And you’d like to take your career to a new level of success.

    Sound familiar?

    If yes, it’s time to rise to the occasion with the most-esteemed cybersecurity certification in the world. The CISSP is the right choice for you if you: 

    • Are an experienced, high-achieving information security professional.
    • Are involved in designing, developing and managing the overall security posture of an organization, from cybersecurity strategy to hands-on implementation.
    • Want to gain more respect from your peers and boss, while you strengthen your skills and confidence as a security professional.
    • Appreciate a challenge and want to feel the exhilaration of passing this rigorous exam and joining our elite community.
    • Need a certification that is DoD 8570 approved. (It’s listed in the categories: IAT Level III, IAM Level II, IAM Level III, IASAE I, and IASAE II.)

     The CISSP is ideal for those working in roles such as:

    • Security Consultant
    • Security Analyst
    • Security Manager
    • Security Auditor
    • Security Architect
    • IT Director/Manager
    • Director of Security
    • Network Architect
    • Security Systems Engineer
    • Chief Information Security Officer
  • Get the CISSP Exam Outline Get the CISSP Exam Outline

    The exam outline is a free resource that details the major topics and subtopics within the domains that are covered on the CISSP exam. Reviewing this outline will help you determine which topics you may feel less confident about and develop a study plan around those topics.

    Note: Effective April 15, 2018, the CISSP exam will be based on a new exam outline. The domains and their weights have changed. Please refer to the CISSP Exam Outline and our FAQs for details.

    CISSP - English

    CISSP - Chinese

    CISSP - Japanese

    CISSP - French

    CISSP - German

    CISSP - Korean

    CISSP - Spanish

    CISSP - Portuguese

  • Getting CISSP Training That’s Right for You Getting CISSP Training That’s Right for You

    The CISSP is the gold standard of cybersecurity certifications. We know you’re determined to pass!

    Prepare for your exam through a combination of CISSP training courses and individual study. And learn from (ISC)2 — the creator of the CISSP CBK!

    Simply choose the best training format for your schedule, needs and learning style.


    Classroom-Based Training

    • Ideal for hands-on learners. We offer the most thorough review of the CISSP CBK, industry concepts and best practices.
    • Five-day training event delivered in a classroom setting. Eight hours a day.
    • Available at (ISC)2 facilities and through (ISC)2 Official Training Providers worldwide.
    • Led by authorized instructors.

    Get details on Classroom-Based Training.


    Private On-Site Training

    • A cost-effective and convenient training solution if your organization has 10 or more employees taking the exam.
    • Tailored to your team’s schedule, budget and certification requirements.
    • Conveniently taught in your office space or a local venue.
    • Led by authorized instructors.

    Get details on Private On-Site Training.


    Instructor-Led Training

    • Participate from the convenience of your computer. This saves you travel time and expense.
    • Weekday, weekend and evening options to fit your needs.
    • Comprehensive review of the CBK, so you’re ready for this cybersecurity certification.
    • Delivered in a variety of schedules with weekday, weekend, and evening options to suit your needs.
    • Access to recordings of all course sessions for 60 days.
    • Led by authorized instructors.

    Get details on Instructor-Led Seminars.

    Self-Paced Icon

    Self-Paced Training

    • A powerful alternative to traditional classroom training. You’ll use modular training and interactive study materials.
    • Virtual lessons taught by authorized instructors through HD video.
    • Rich content equal to classroom training. It meets certification course requirements.
    • 120 days to access the content from any web-enabled device. Available any time and as often as you want.

    Get details on Self-Paced Training.

    CISSP Training Course Overview

    Our training helps you fully prepare for this cybersecurity certification. You will:

    • Review, refresh and expand your information security knowledge (including information security concepts and industry best practices).
    • Identify areas you need to study for the CISSP exam.

    You can expect an in-depth review of the eight domains of the CISSP CBK — including discussion of industry best practices and timely security concepts.

    (ISC)² authorized instructors lead all our training. You’re learning from CISSP-certified industry experts who understand you. They are CISSPs themselves. They know how to make the content highly relatable. And they go through a rigorous process to teach to our CBK.

    Plus, we use proven adult learning techniques to reinforce topics. This approach increases how much knowledge you retain. Our techniques are highly interactive. They focus on real-world learning activities and scenarios, so you get the most out of training.

    Self-Study Tools

    In addition to training, we offer resources to help you with self-study. Our resources include the:

  • Taking Your CISSP Exam Taking Your CISSP Exam
      English Exam Non-English Form
    Delivery Method Computer Adaptive Testing (CAT) Linear, Fixed-Form
    Length of exam Up to 3 hours

    Up to 6 hours

    Number of questions    100 - 150 questions

    250 questions

    Question format Multiple choice and advanced innovative questions

    Multiple choice and advanced innovative questions

    Passing grade A passing score is 700 out of 1000 points

    A passing score is 700 out of 1000 points

    Exam Languages
    • English
    • French
    • German
    • Brazilian Portuguese
    • Spanish
    • Japanese
    • Simplified Chinese
    • Korean
    Testing Center

    Pearson VUE Testing Center

    Pearson VUE Testing Center


    Ready to sign up for the exam? Visit the Pearson VUE website to create an account and book your exam.

  • Maintaining or Regaining CISSP Certification Maintaining or Regaining CISSP Certification

    Once you’ve earned this world-class cybersecurity certification, you become a member of (ISC)2. You enter one of the largest communities of information security professionals in the world. You gain access to unparalleled global resources and networking.

    Quite simply, you have endless opportunities to grow and refine your craft.

    But certification is a privilege that must be earned and maintained.

    To remain in good standing with your CISSP, you need to:

    • Abide by the (ISC)² Code of Ethics.
    • Earn and post Continuing Professional Education (CPE) credits.
    • Pay your Annual Maintenance Fee (AMF).

    Here’s a closer look at each.

    Abiding by the (ISC)² Code of Ethics
    You agree to fully support and follow the (ISC)² Code of Ethics.

    Earning and Posting CPE Credits
    Security technology is constantly changing. (You know this well!) You need to earn CPE hours to stay well-rounded and keep up your expertise. 

    The CISSP certification has both annual and three-year, overall CPE requirements.

    CPEs may sound like a big task. However, (ISC)² makes it easy for you to earn your CPE credits on a regular basis.

    We offer access to:

    • Live educational events around the world.
    • Online seminars that can be taken in the comfort of your home or office. They’re available exclusively to (ISC)² members.
    • And many more learning opportunities.

    Annual Requirement
    For the CISSP, you need to earn and post a minimum of 40 CPE credits. You need to do so before your certification annual anniversary date.

    Three-Year Certification Requirement
    Over the three-year CISSP certification cycle, you must earn and post a minimum of 120 CPE credits.

    Paying Annual Maintenance Fees (AMFs)
    Once you earn this cybersecurity certification, you must pay USD$85 each year of your three-year certification cycle. Your payment is due before your certification or recertification annual anniversary date.

    Your payments help ensure that (ISC)² has the financial resources to:

    • Be a functional, dynamic entity for leading information security professionals (like you) far into the future.
    • Develop more CPE opportunities.
    • Continue to meet the certification needs and requirements of information security professionals.
    • Maintain member records.

    How to Regain Membership if Your CISSP Ceases

    If you wish to regain membership, you’ll need to:

    • Pay any outstanding AMF payments. (This needs to take place before you sit for the exam.)
    • Retake and pass the exam to become certified again.
    • Contact Member Services to reactivate your certification after you pass the exam.

     Do you have questions about maintaining your CISSP certification? Ask Member Services.

  • Beyond the CISSP: Choosing a Concentration Beyond the CISSP: Choosing a Concentration

    You work on the new frontier of information security. Every day it changes and evolves. And we know you’re passionate about staying ahead, expanding your knowledge and mastering your craft.

    That’s why (ISC)² developed CISSP Concentrations — an optional pursuit for those looking for new career paths, opportunities and leading-edge knowledge.

    CISSP Concentrations highlight your evolving expertise in information security:

    • Architecture
    • Engineering
    • Management 
    These specialized credentials build upon the CISSP.



    CISSP-ISSAP Information Systems Security Architecture Professional

    For: CISSPs who specialize in developing, designing, implementing and analyzing security solutions/programs and providing management with risk-based guidance to meet organizational goals.

    Must have: Two years of professional experience in architecture.



    CISSP-ISSEP Information Systems Security Engineering Professional

    For: CISSPs who specialize in the practical application of systems engineering principles and processes to develop secure systems.

    Must have: Two years of professional experience in engineering.

    Worth noting: This concentration was developed in conjunction with the U.S. National Security Agency (NSA). It offers an invaluable tool for any systems security engineering professional.



    CISSP-ISSMP Information Systems Security Management Professional

    For: CISSPs who specialize in establishing, presenting and governing information security programs, in addition to demonstrating deep management and leadership skills.

    Must have: Two years of professional experience in management on a large, enterprise-wide security model.


    Wondering whether a concentration makes sense for you? Learn more. 

Stay on the Forefront of CISSP Topics

Show Them You're the Cybersecurity Expert

Download Your Free CISSP Ultimate Guide