Certified Information Systems Security Professional (CISSP)

Definition - What does Certified Information Systems Security Professional (CISSP) mean?

A Certified Information System Security Professional (CISSP) is a vendor-neutral independent certification, offered by the International Information System Security Certification Consortium (ISC2).

CISSP is a globally recognized certification that broadly tests, evaluates and validates an individual’s knowledge, skills and experience in the field of information security.

Free White Paper: "AI in the Insurance Industry: 26 Real-World Use Cases" | Discover what the future of insurance holds and how AI innovation can be used to hit the mark even more precisely.

Techopedia explains Certified Information Systems Security Professional (CISSP)

CISSP is one of the most popular, widely recognized and highly accepted certifications in information security. It was introduced in 1994. An individual seeking CISSP certification must complete all the requirements, which includes passing a comprehensive 6-hour exam covering ten broad information security domains, along with proof of valid work experience in any domain of information security.

The testing domains of CISSP are:

· Access control

· Cryptography

· Operations security

· Business continuity and disaster recovery planning

· Legal, regulations, investigations and compliance

· Physical security

· Security architecture and design

· Software development security

· Information security risk and governance

· Telecommunications and network security

CISSP is also offered in three different concentrations/specializations including:

· CISSP Architecture (CISSP-ISSAP)

· CISSP Management ( CISSP-ISSMP)

· CISSP Engineering (CISSP-ISSEP)