CISSP-ISSAP Study Guides Recommendations

I plan to take the CISSP-ISSAP exam this year. Has anyone taken the exam that can recommend good study materials? I am looking for one good book (ideally) for each of the domains covered by the ISSAP. I have found a few book recommendations, but these are mainly "possible" sources and none were confirmed as used in preparation for the actual exam.

Additionally, if anyone can share their exam experience, that would also be helpful. Specifically, does the ISSAP exam cover the same content as the CISSP exam, but in greater detail?

Regards,

Marc

Find more posts tagged with

SAVE $250 on Your Boot Camp — Use Code "EXAM26"

Exclusively for TechExams members for Infosec Boot Camps starting before April 30, 2026

View Boot Camps

Comments

Fugazi1000

Hi Marc,

I am also taking the exam this year (Feb infact!).

As you know the domains are:

Access Control Systems and Methodology
Cryptography
Physical Security Integration
Requirements Analysis and Security Standards, Guidelines, Criteria
Technology Related Business Continuity Planning (BCP) and Disaster Recovery Planning (DRP)
Telecommunications and Network Security

and the only single book (resource) I have seen that takes an architectural view of these is SABSA (google it). ISC2 provide a study list, with much overlap.

I'm really not sure of the depth of knowledge required, so would appreciate feedback from anybody that has taken the exam. I considered grandfathering this in 2004 when they just asked for a summary of 2 projects/personal experience from any of the domains. I didn't have the time to produce these before the deadline

muellmk

Fugazi1000,

Good luck with the exam and thanks for the book recommendation.

Would happen to have a copy of the study guide? I have reqesting it over and over from ISC2, but I never receive the email directing me to the download page nor the document key. I can get you my email address...

Marc

keatron

Hi. Guys, I took the official ISC2 prep for this certification (Hal Tipton was the instructor). I haven't had time to take the exam yet, but PM me and I'll be glad to email you copies of the notes I took in class. I'll probably be sitting it early spring myself.

Good luck.

HomerKhan

All,

I am a budding ISSAP candidate from Pakistan!

It would be much appreciated if you could refer me to any recommended book for this
certification or share any contextual material that any of you might have-

Your assistance will be highly appreciated!

Looking forward to hearing from you all soon.

Thanks

edmund2000

Dear all,

I am also planning to take the ISSAP, but seems that I can not find the good books, resource, it seems that there are not many people who had taken the exam and reference material is very limted.

I am appreciated if someone can share e.g notes etc .

Thanks
Edmund

Tom41

I found out 30% of my UK colleagues were certified in July 2008, wasted some time and money looking for study/guide, got serious in 8/2008; 80 hours of preparation over one month using only Free practice exams for the CISSP, CISA, SSCP, GSEC- cccure.org - Bringing Education to the World. I passed CISSP in 9/2008 and ISSAP in 10/2008 and wrote my passage in a booklet. Just read the preview/Look inside.
Amazon.com: EXAM GUIDE FOR CISSP® AND ISSAP®: Thomas Chen: Books

j_a_s_o_n

There will be an official cbk book out from ISC2 for it, but not until July of next year, last I heard.

RTmarc

That's more than I've heard. I talked with the Education group last week and they said they still didn't have an ETA on the book.

j_a_s_o_n

I'm really surprised that there's not something out yet. It seems like they're pushing the ISSEP, but that's about it.

down77

There was a post about study materials for the ISSAP on CCCure a little while back. When I get home from work later tonight I'll post my reading list that I plan to use as I study to attempt the ISSAP later this year or early 2010.

Suze

I don't know how much help this will be but ..here is what I found.

The Krutz & Vines CISSP and CAP Prep Guide (Platinum Edition) has a section on ISSAP. But it is SHORT, only 5 pages! It is listed as a concentration of CISSP and here is a summation of what it says (summation)

Study the Access Control CBK of CISSP
Study the Telecommunication CBK of CISSP
There is about one page on Requirements Analysis and Security Standards and Guidelines.
About 2/3 page on Design Architecture
Study the Technology related Business Continuity Planning and Disaster Recovery Planning sections in the CBK CISSP
Study the Information System Security Standards and Guideliness in the CBK CISSP
And Study the Physical Security Integration in the CBK CISSP.

The only NEW thing was the Assessment and Effectiveness of Security and Information Systems Design. This is a 60+ page chapter on the System Authorization Process.

Not much help, eh?

j_a_s_o_n

It looks like there are a handfull or so of books coming out Aprilish of 2010 now. There's an exam in town in october, I'll be shooting for that so they won't do me much good. I've managed to clap eyeballs on the official review materials from ISC2, which look like they'll be helpful.

joepau

Hi Keatron I´m planning to study for the CISSP ISSAP examination it is possible you send me copies of the study notes?.

Best regards Hector

uajesusfreak99

j_a_s_o_n wrote: »

There will be an official cbk book out from ISC2 for it, but not until July of next year, last I heard.

See the below link on Amazon to pre-order the OFFICIAL ISC2 ISSAP CBK Guide:

Amazon.com: Official (ISC)2® Guide to the ISSAP® CBK ((ISC)2 Press) (9781439800935): Harold F.

The actual release date is set for July 26, 2010, so it's just around the corner.

cristian.tatoiu

keatron wrote: »

Hi. Guys, I took the official ISC2 prep for this certification (Hal Tipton was the instructor). I haven't had time to take the exam yet, but PM me and I'll be glad to email you copies of the notes I took in class. I'll probably be sitting it early spring myself.

Good luck.

Hi Keatron!

I am also interested in the notes you took at the ISSAP training.

Kind regards!

dynamik

He's pretty busy and hasn't been active here for awhile.

However, the official guide is due out next month (if it doesn't get pushed back any more): Amazon.com: Official (ISC)2® Guide to the ISSAP® CBK ((ISC)2 Press) (9781439800935): Harold F.

RTmarc

I can't believe it was taken this long to get that book printed. Are we going to make any bets as to whether or not this book sees the light of day before 2011?

dynamik

If you're not stuck on an (ISC)2 resource, this is an excellent architecture-oriented book: Amazon.com: Enterprise Security Architecture: A Business-Driven Approach (9781578203185): John Sherwood, Andrew Clark, David Lynas: Books

j_a_s_o_n

ISC2 now says November for the release on the official book.

Fugazi1000

The ISC2 ISSAP book is now published! It has a copyright date of 2011!! My copy from Amazon UK arrived last week (on back order for months with quite a few emails from Amazon pushing delivery dates back a few weeks at a time).

As for the book itself. I must say I'm quite disappointed on first glance. My impression is that it's old material rehashed. There might be some new stuff - but nothing obvious.

The pictures that support the text all seem to be from the '80s! I guess they're just library pictures, and they do their job - but it detracts from the book.

If I get time - I might do a fuller review when I've read it properly. I might even claim CPEs!!

sandeepgupta80

Hi Fugazi1000,

Did you take the exam? How did you find the official ISC2 guide for ISSAP? Would you recommend any other book to prepare for the exam.

Any assistance is greatly appreciated.

Thank you!

wmackey

I'm signed up to take the ISSAP on May 7th. So far I'm using the official study guide (about 3/4 of the way thru so far). Seems to be a lot of filler unrelated to what I would expect in an exam (or the end of chpater questions for that matter). Reminds of some college text books that needed to meet the page and weight miniumums.

wmackey

Well, sat for the exam last Saturday. The official guide was helpful, but not great. Without breaking the rules, I will say that the time I spent going over Common Criteria definitely helped. Also, should have spent more time studying Biometrics. Now the wait starts to see if I squeaked by.

tikipm

Hi

can you assist me with insights on the exam. I'm scheduled for the 21th May, which is this saturday. I will appreciate some practice exams and materials referrals. Some tips on the exam, which domain was dominating? Also whether i should go through the CISSP material or the ISSAP is sufficient?

regards
Tiki

wmackey

Probably too late now, but i'd look a common criteria and biometrics.

mikeysg

Official Book for CISSP-ISSAP is out (2nd Edition).

Here: Official (ISC)2® Guide to the ISSAP® CBK, Second Edition ((ISC)2 Press): ISC)² Corporate: 9781466579002: Amazon.com: Books

Varyag

Official Guide + books in reference CIB.

Humbe

Reviving a 2008 thread...

beads

To the best of my knowledge, or as far as I know, the ISSAP green book is the only after market book/material specifically related to the exam. Hardly perfect but I can say after reading the book and going through most of the bibliographies at the end of each chapter - its really all there, to include cryptography. Its a matter of weeding through all the bibliography references that will really prepare you for the test.

Warning! The test is much more difficult than the CISSP and took me about as long if not longer to do 125 questions as it did to complete the full CISSP. You get no other hints other than to look at the number of folks who have or still have this certification. Its a low number and having completed the exam the first time. I fully understand why.

- Beads, CISSP-ISSAP

mikeysg

Passed the exam in Singapore yesterday. Now awaiting approval for the certification after submitting the resume/CV.

Self reflection without breaking the NDA:

1) Official Guide was useful but should have other books for referencing too such as Enterprise Architecture
2) Experience definitely helps when answering some questions
3) Latest trends in IT Security should be aware of

Now onto taking CRISC in December 2015.