My preparion and attempt towards CISSP ISSAP.

ParthParth Member Posts: 38 ■■□□□□□□□□
I've been a silent member of this site. Looking at other's who have been giving CISSP ISSAP recently, I've decided to chalk out and update my own progress towards the said CISSP Concentration.

From what I've read around (this and other forum's), I've decided to take the following path:

1. Revise CISSP (Using CBT and read CISSP All in One by S. Harris)
2. I've got the CISSP ISSAP Official CBK Book. I plan to read this book in conjunction with the CISSP Revision. I'll complete one module of CISSP revision and read the same module from ISSAP.
3. Lastly I found a book, extremely simple to read and deeply insightful towards Information Security Architecture - Enterprise Security Architecture: A Business-Driven Approach (

I was active in Information Security arena for couple of years, I passed my SSCP, CISM, CISSP and CISA all in 2009. I'm restarting my InforSec career which for the last year is on a pause due to personal reason's.

I plan to give ISSAP within 45 days of this post and move on to ISSMP or CCIE-Security which I've only been planning from 2009.

Hopefully my preparation method and notes may help others.

Warm Regards,


  • emerald_octaneemerald_octane Member Posts: 613
    Parth wrote: »
    I passed my SSCP, CISM, CISSP and CISA all in 2009.

    Info-Sec Prodigy!?!?!

    Good luck with CISSP-ISSAP although I'm sure you'll pass.
  • redzredz Member Posts: 265 ■■■□□□□□□□

    My understanding is that the ISSAP Official CBK revision 2 comes out in late August-September time frame, and public opinion tends to lean toward the current ISSAP official CBK being not just choppy but quite inadequate. I am also interested in pursuing the ISSAP, but have decided to work towards MCSA: Server 2012 and (time permitting) MCSE: Private Cloud in the interim.

    I would like to know how you feel about Enterprise Security Architecture: A Business-Driven Approach as preparatory reading after taking the exam, and look forward to seeing further updates regarding your work toward this certification.

  • ParthParth Member Posts: 38 ■■□□□□□□□□
    Well, 2009 was a good year for education for me.. I cleared all the exams I hoped for. But after that it has been a slump:

    CISSP-ISSAP has been something I just started studying but I've been wanting to give CISSP-ISSAP for sometime now. I choose ISSAP over ISSMP because of personal preference towards architecture.

    As for the ISSAP V2 - It's already declared (and so are ISSMP and ISSEP at V2)
    Note: Effective April 1, 2013, the ISSAP exam is based on the new exam blueprint, or Detailed Content Outline (DCO). The professional work experience requirement for the CISSP-ISSAP remains two years, but the sub-domains have changed. Please refer to the ISSAP Exam Outline for details.

    Since I have the old official guide for ISSAP I might have to wait till the new one comes out in September but I'm still willing to try it out.

    Moving on I am determined to do CCIE-Security which has been a pending dream since 2009 and I'm curious towards ISC2's CCFP too.

    I personally recommend reading Enterprise Security Architecture: A Business-Driven Approach for it's simplicity and detailed approach towards Information Security Architecture. It is the best literature I've read for the subject.

    Lastly, Good Luck to both of you for your certification endeavors. :)
Sign In or Register to comment.