The information security education body, (ISC)2, has approved new professional experience and endorsement requirements for the Certified Information Systems Security Professional (CISSP) certification.From October, the minimum experience requirement for certification will be five years relevant work experience in two or more of the ten domains of the CISSP CBK – a catalogue of information security topics recognised by professionals worldwide.
The training certification group also confirmed that four years of work experience with an applicable university degree or a credential from the (ISC)2 approved list would suffice.
At present, CISSP candidates are required to have four years of work experience or three years experience with an applicable university degree or a credential from the list.
Also effective from October, candidates will be required to obtain an endorsement of their application from an (ISC)2 certified professional.
“It is critical that the rigors of our certification process reflect the increasingly complex demands information security professionals face today,” said Randy Sanovic, CISSP-ISSAP, ISSMP, (ISC)2 board chairperson. “Additional measures of experience and peer endorsement ensure a CISSP has a complete understanding of how to implement an effective information security program and manage information security risks and the ethical commitment to make the right choices along the way.”