Is CISSP certification the Gold standard in the industry?

Certification: ISC CISSP - Certified Information Systems Security Professional


Most people refer to CISSP as the gold standard among information security certifications, for several reasons. For one, it was the first information security certification accredited to ISO/IEC Standard 17024. People all over the world recognize CISSP as a standard of achievement and an effective measure of expertise for the following reasons:

It is not easy to attain and maintain

To acquire CISSP, one must have at least five years of hands-on experience in one or two of the ten domains of the CISSP common body of knowledge (CBK), which means that CISSP is not a common standard; it is a golden standard. If one does not have work experience spanning five years, he or she must have worked for four years and possess a four-year college degree or a master's degree in information security. The type of professional experience required for CISSP includes:

  • Teaching, training, instructing and mentoring of others
  • Creative writing and oral communication
  • Supervision of fellow workmates while working with minimum supervision of one's self
  • Research and development
  • Management of projects and other employees
  • Work requiring intellectual achievement often including a college degree or a liberal education
  • Work requiring habitual memory of a wealth of knowledge shared with individuals working on similar projects
  • Work that requires the exercise of judgment, discretion and management of decision-making
  • Work that requires workers to demonstrate ethical judgment rather than ethical thinking
  • The specifications and selection of mechanisms and controls involving identification and authentication technology

The International Information Systems Security Certification Consortium, (ISC)2, updates the CISSP exam four times per year to retain its credibility. What is more, those who hold CISSP certifications must obtain 120 continuing professional education (CPE) credits every three years. They should obtain a minimum of 20 CPE credits annually. Why? To ensure that CISSP-certified individuals are conversant with the latest threats and solutions important in the field of information security.

CISSP professionals earn CPE credits through:

  • Completing volunteer work
  • Serving on industry boards
  • Publishing security articles or books
  • Providing security training
  • Self-study
  • Completing university or college courses
  • Attending educational courses and workshops
  • Attending security conferences
  • Listening to vendor presentations
  • Obtaining a membership to an association chapter and attending meetings

It is a requirement for jobs all over the world

CISSP certification is not only a requirement for jobs in the public sector but also in the private sector. It is a requirement by employers all over the world. It is a well-known fact that a CISSP-certified individual has a wealth of knowledge, experience and competence in the taxonomy of the (ISC)2. The taxonomy consists of very important recent topics such as application security and risk management as well as cloud computing.

Adherence to a code of ethics

CISSP holders must not only pass the CISSP exam to demonstrate expertise but also adhere to a code of ethics. It implies that CISSP-certified individuals are people of high caliber and discipline. They must also obtain endorsement and continue building on their knowledge through continuing professional education. A CISSP professional in good standing endorses a candidate before he or she acquires CISSP certification. The endorsement process requires that a CISSP professional attest to your experience and qualifications. It therefore implies that becoming a CISSP is a privilege that an individual has to earn and guard well. These requirements assure employers all over the world that an individual is highly qualified, passionate and committed to the profession.

CISSP is a career differentiator

Attaining a CISSP makes a big difference between you and those yet to acquire a CISSP. For one, you have demonstrated your expertise, and you can market your skill. The best thing is that you will not do much of the marketing; the CISSP certification has a good reputation and sells itself.  With a CISSP, you not only enjoy interaction with a professional community but also access to unlimited resources such as networking and peer collaborations, publications and free continuing education.  You stand a chance of advancing your career and earning more than your counterparts who lack the CISSP certification.  According to a study conducted by the (ISC)2 in 2011, CISSP-certified professionals earn 25 percent more than those without the CISSP certification do.

CISSP holders can pursue other careers

The CISSP certification is the golden standard in the industry because CISSP holders not only qualify for information security jobs but can also pursue careers in management, architecture and engineering. The concentrations enable CISSP holders to show specialization in important functional areas. To maintain the CISSP credential and be in a position to pursue other careers, a CISSP holder must excel in appropriate exams, each containing a set of the CBK domains, and maintain a good standing. If a CISSP holder obtains concentrations in management, architecture or engineering, he or she has access to a career path that provides opportunities for higher ranks in big enterprises, specialized certifications that acknowledge the talents of the person and more opportunities to further education.

According to a study conducted in 2005 by a global analyst firm but funded by (ISC)2, the total responsibility for information security moved up the management level, as more respondents claimed that the board of directors and the CEO or a CISO or CSO was responsible for information security in their companies. What is more, the study showed that about 75 percent of all participants believed that their relevance and interaction with the board of directors and executives would improve in the future. It implies that holders of CISSP would influence decision-making processes regarding information security in companies where they worked.

In short, CISSP is a golden standard accepted across the globe and one that influences hiring decisions, salary decisions and designations in companies.

