CISSP certification validates the ability to expertly design, engineer and manage an organization's information security posture.

A Certified Information Systems Security Professional (CISSP) plans and manages the controls that keep IT and business systems secure. CISSPs are policy-makers and leaders in today's hottest security domains, including cloud security, software development security, cryptography, security architecture and risk management.

CISSPs are in high demand in a range of government and private organizations, including Fortune enterprises, martial agencies, healthcare practices, military contractors and the Department of Defense (DoD). If you want to advance your IT security career and you have at least five years of relevant experience, then CISSP certification should be a strong consideration in your learning plan.


Skills Measured by CISSP Certification

The CISSP certification exam measures your skills and expertise in 8 sought-after security domains:

Security & Risk Management

This part of the CISSP certification exam covers the key principles of information security and risk management. It includes topics such as information security governance, ethical considerations, policies, procedures and regulations.

Asset Security

The asset security domain focuses on protecting organizational data by ensuring its confidentiality, integrity and availability (a.k.a. the "CIA triad"). It includes topics such as asset classification and ownership, data privacy, secure data handling and asset disposal.

Security Architecture and Engineering

Security architecture and engineering covers the design, implementation and maintenance of secure systems and IT infrastructure. This section of the CISSP cert includes subjects like security models, security controls, secure design principles and cryptography.

Communication and Network Security

This domain pertains to the protection of vital network infrastructure and communications channels. It includes topics like network protocols, secure communication channels, network security architectures and securing and managing virtual private networks (VPN).

Identity and Access Management (IAM)

IAM highlights the importance of controlling access to information resources based on user roles and responsibilities. This CISSP exam domain includes topics such as authentication, authorization, access control and identity management.

Security Assessment and Testing

Security assessment and testing is all about evaluating the effectiveness of security controls and identifying vulnerabilities in an organization's security posture. This section includes topics such as vulnerability assessments, security audits and penetration testing.

Security Operations

This CISSP certification domain involves the day-to-day management of security operations, including incident management, disaster recovery, business continuity planning and managing a security operations center (SOC).

Software Development Security

This CISSP domain covers the range of cyber security considerations in the software development lifecycle, including secure coding practices, application testing and software vulnerability management.

CISSP Eligibility Requirements

You must meet the following criteria to sit for the CISSP certification exam:

  • Five (5) or more years of paid full-time work experience in two or more of the 8 CISSP security domains listed above
  OR
  • Four (4) years of the aforementioned work experience, plus a relevant bachelor's degree OR an advanced information security degree from a National Center of Academic Excellence (the degree can count for one year towards the five-year experience requirement). The accredited security degrees below can help you satisfy the CISSP eligibility requirements.

CISSP recertification requirements:

Once certified, CISSPs must recertify every 3 years to remain in good standing. This is accomplished by earning Continuing Professional Education (CPE) credits. Credits can be earned by attending online courses, webinars and other events covering the latest information security trends. 120 CPEs are required every 3 years to maintain the CISSP certification.

CISSP Certification Exam

Candidates must pass one exam to become CISSP certified:

  • (ISC)2 CISSP Certification Exam

Here are the details for the CISSP certification exam:

Time Limit: 4 hours
CISSP Length: 125 - 175 items
Format: Multiple choice questions + Advanced innovative items
Passing Score: 700 out of a possible 1000 points
CISSP Exam Cost: $749
Where to Test: (ISC)2 Authorized Partners + Select Pearson Vue Testing Centers

CISSP Certification Cost

The CISSP certification exam costs $749. This price is for the examination only; if you need additional training to pass the test, that will cost more. CISSP training costs range from less expensive online programs like this CISSP bootcamp, to pricier IT security degrees with a longer timeline and deep info-sec curriculum.

CISSP Certification Jobs

Your CISSP certificate, information security experience and education qualify you for a variety of positions including:

CISSP Certification Salary

Average salaries for CISSP-certified professionals and related IT security certification holders:

  • CRISC: Certified in Risk and Information Systems Control: $167,145
  • CISM: Certified Information Security Manager: $162,347
  • CISSP: Certified Information Systems Security Professional: $158,190
  • AWS Certified Security – Specialty: $149,740
  • CISA: Certified Information Systems Auditor: $142,336
  • CEH: Certified Ethical Hacker: $139,539

Salary by information security certification.
Source: Skillsoft 2022 Salary Survey


(ISC)2, (ISC)2 Logos and (ISC)2 Certifications are registered marks of the International Information Systems Security Certification Consortium in the United States and other countries.

About the Author

Daniel Greenspan is the founder and Editor-in-chief of ITCareerFinder. Working closely with IT professionals, world-class trainers, and hiring managers since 2005 has given him unique insight into the information technology job market and the skills and credentials IT pros need to succeed.