Certified Information Systems Security Professional (CISSP)


Issued to William Ellwood
Issued by (ISC)²

The CISSP is a rigorous, vendor-neutral program that demonstrates competence across eight IT security domains. It is the NSA’s certification baseline for information security and policy management.

The CISSP curriculum covers subject matter in a variety of Information Security topics.[8] The CISSP examination is based on what (ISC)² terms the Common Body of Knowledge (or CBK). According to (ISC)², "the CISSP CBK is a taxonomy – a collection of topics relevant to information security professionals around the world. The CISSP CBK establishes a common framework of information security terms and principles that allow information security professionals worldwide to discuss, debate and resolve matters pertaining to the profession with a common understanding."[9]

From 15 April 2018, the CISSP curriculum is updated as follows:[10]

  • Security and Risk Management

  • Asset Security

  • Security Architecture and Engineering

  • Communication and Network Security

  • Identity and Access Management (IAM)

  • Security Assessment and Testing

  • Security Operations

  • Software Development Security