
CISSP – Certified Information Systems Security Professional
CISSP®: The leading qualification for cyber security professionals
CISSP (Certified Information Systems Security Professional) is a longstanding and globally recognised management-level qualification developed by the International Information Systems Security Certification Consortium, or ISC2.
CISSP is a benchmark qualification for senior- and director-level managers in information security. It is highly sought after by employers and is designed to validate a person’s knowledge and experience in the field. CISSP holders are expected to have a deep understanding of security concepts and be able to apply them in a real-world setting.
To earn full certification upon passing the examination, candidates must also evidence a number of years of work experience in two or more of the eight domains that make up the CISSP curriculum, known as the CBK (Common Body of Knowledge). Those who have not accrued the necessary experience can apply for Associate status.
CISSP is an important milestone in a career towards director- and board-level management positions, such as CIO, CSO, CISO and CEO.
Who is CISSP training for?
CISSP is a popular senior-management-level qualification that employers look for when recruiting for CISO and CSO roles. Alongside CCSP, it is one of the best-regarded and most sought-after information security credentials.
Managers: CISSP is a great step up for those working in technical or management roles in cyber security or information security.
Graduates: The understanding you get from studying CISSP will make a huge difference to your work in junior roles and can help fast-track you to a senior-level career. While you gain the work experience to obtain full certification, your ISC2 Associate status will earn you respect.
Career transitions: CISSP is a sought-after qualification for those moving into cyber security from a career in other areas of security, including those with military training. We can help you understand how your background may count towards the required experience for full certification. For help, speak to a training expert today.
Hear from our learners
“Great course, good training/supplementary material and the facilitator was extremely knowledgeable. Would recommend.”
“Great trainer, content and interaction with participants - with the bonus that I was then confident enough to book and pass my CISSP within a week of the course.”
“Very knowledgeable trainer - the scope of CISSP is very wide so there is quite a bit to learn especially if you have become specialised in your career, so good to have an experienced trainer with lots of real world knowledge.”
“I found this course really useful, the book made much more sense after the course!”
“I enjoyed the course delivered by Jeff. Jeff is incredibly experienced and qualified in the field of cyber security. He helped demystify many topics I was having difficulty understanding. His use of real world examples, group discussions and 1-2-1 sessions was invaluable in helping me grasp key concepts of the CISSP. I highly recommend Jeff and the ITG CISSP blended course.”
Speak to a Training Expert
Speak to one of our training experts for clear, practical guidance tailored to your role, organisation, and objectives. Whether you’re exploring options, comparing courses, or ready to book, we’ll help you find the right fit – with no obligation.
Frequently asked questions (FAQs)
The CISSP certification is ideal for those working in positions such as (but not limited to):
- Security consultant
- Security analyst
- Security manager
- Security systems engineer
- IT director/manager
- Chief information security officer
- Security auditor
- Director of security
- Security architect
- Network architect
The ISC2 CISSP certification has become a prerequisite for anyone developing a senior career in information security.
It provides information security professionals with an objective measure of competence and a globally recognised standard of achievement.
To qualify for CISSP certification, you must:
- Have a minimum of five years’ experience in two or more of the eight CBK domains;
- Pass the CISSP examination;
- Complete the endorsement process and subscribe to the ISC2 Code of Ethics; and
- Maintain certification through CPE (continuing professional education) credits.
If you do not have enough experience, you can still take the exam, but will be an Associate of ISC2 rather than a CISSP if you pass. You will then have six years to earn the necessary experience to become a CISSP.
The CISSP curriculum comprises an information security CBK, which is divided into eight domains:
- Security and Risk Management
- Asset Security
- Security Architecture and Engineering
- Communications and Network Security
- Identity and Access Management
- Security Assessment and Testing
- Security Operations
- Software Development Security
The standard registration fee for the CISSP certification exam is £585 in the UK.
Information about all (ISC)² exam fees can be found on the ISC2 website.
You can schedule your exam through the ISC2 website.
CISSP is a globally recognised certification for information security professionals. It validates expertise across security strategy, implementation and management.
CISSP certification, awarded by ISC2, demonstrates that you have the knowledge and experience to design, implement and manage a best-practice cyber security programme.
The CISSP exam is challenging. It covers eight domains of the ISC2 Common Body of Knowledge (CBK) and requires both technical knowledge and management-level thinking. Most candidates prepare for months before attempting the exam.
Yes. The exam is widely considered one of the toughest in the cyber security field, with a pass rate estimated at around 20–30%. Success requires thorough study and practical experience.
Yes. CISSP is one of the most in-demand security certifications worldwide. It often leads to higher salaries, senior roles and credibility with employers, clients and regulators.
CISSP is considered one of the top-tier security certifications. It’s particularly valuable for professionals aiming for leadership, governance or risk-focused roles in cyber security.
No. CISSP is an advanced certification requiring at least five years of paid work experience in two or more of the eight security domains. Beginners usually start with certifications like SSCP or CompTIA Security+ before moving to CISSP.
Not exactly, but many employers treat CISSP as equivalent to a postgraduate-level qualification because of its rigour and global recognition. Some academic institutions also give credits towards degrees for CISSP holders.
CISSP blends technical and managerial content. While it covers areas like security engineering and network security, it also focuses heavily on risk, governance and security leadership.
The CISSP exam is closed book. It uses computer-adaptive testing, with multiple-choice and scenario-based questions designed to assess both knowledge and judgement.