CISSP Certification Overview

By University Alliance
CISSP online

The need for a standardized certification program in information systems security started in the mid-1980s; benchmarks were needed that would provide structure and demonstrate competence among IT security professionals.  In 1989, the non-profit organization, International Information Systems Security Certification Consortium or "(ISC)2" formed with this professional training goal in mind. 

The (ISC)2 developed the CISSP, or Certified Information Systems Security Professional, an independent information security certification.  Since its inception, CISSP has led to industry acceptance of this global standard and its requirements.

The CISSP Examination and the CBK

The CISSP certification examination is based on a Common Body of Knowledge (CBK) as defined by the ISC. This is a common framework of ten terms and principles that information security professionals worldwide use to discuss, debate and resolve matters pertaining to the profession.

Information security has long held confidentiality, integrity and availability (known as the CIA triad) to be the core principles of information security. The CISSP CBK attempts to balance these three core values across the ten CBK domains:

  • Access Control
  • Software Development Security
  • Business Continuity and Disaster Recovery Planning
  • Cryptography
  • Information Security Governance and Risk Management
  • Legal, Regulations, Investigations and Compliance
  • Operations Security
  • Physical (Environmental) Security
  • Security Architecture and Design
  • Telecommunications and Network Security

CISSP Requirements and Professional Training

To become a CISSP you must meet the following requirements*:

  • At least five years of direct full-time security work experience in two or more of the ten above-mentioned CBK domains.  You may earn a one year waiver if you have a four-year college degree, a Master’s degree in Information Security, or one of several other certifications. 
  • Attest to the truth of your professional experience and accept the CISSP Code of Ethics.
  • Answer four background and criminal history questions.
  • Pass the CISSP exam with a scaled score of 700 points or greater out of 1000 possible points.
  • Have another CISSP in good standing endorse your work experience and qualifications.

Ongoing Certification

The CISSP certification is valid for three years, and can be renewed by re-taking the exam. A more common renewal method is to complete at least 120 Continuing Professional Education (CPE) credits since your last renewal.

To keep your CISSP certification, you must earn and submit a total of 120 CPEs by the end of your three-year certification cycle. Payment of an $85 Annual Membership Fee for each year of the three-year certification cycle is also required.

You can earn your CPEs by attending seminars and conferences, taking and/or teaching classes, volunteering, engaging in professional writing, or other professional training activities in areas covered by the CBK. You will usually earn one CPE for each hour of time spent; preparing training for others earns 4 CPEs/hour, published articles are worth 10 CPEs, and published books 40 CPEs.

Benefit From a Villanova Master Certificate – 100% Online!

money icon

Average Annual Salary


The 2011 (ISC)2 Global IS Workforce Study says cyber security certification pays off: (ISC)2-certified professionals in the Americas average $106,900 annually – $14,000 more than those without it.*

jobs icon

U.S. Cybercrime Net Cost

$139.6 Billion

No wonder cyber security skills are so valuable – the financial impact of Internet-related crimes in 2011 was staggering.*

growth icon



Job opportunities for computer and information systems managers are predicted to rise well into 2018.*

certificate icon


SSCP®, CAP® & More

Villanova prepares you for these (ISC)2 exams, plus Security+™ and CNSS-National Standard 4011 (ISM-government program only).

*Certification requirements are subject to change. Prospects should consult with certifying association for current requirements.

Statistics used are sourced from: 2011 (ISC)2 Global IS Workforce Study (salary); Norton Cybercrime Report 2011 (net cybercrime cost); and Bureau of Labor Statistics 2010-11 Occupational Outlook Handbook (projected job growth).

Category: Information Systems Security