Seriously Now

How strict are they with these CISSP professional experience requirements? They seem pretty demanding, but I've seen lots of "demanding" requirements before, and at the end of the day, people who didn't measure up were still awarded the certification. So, how serious are they?

Find more posts tagged with

Free for TechExams community: Cybersecurity salary guide

Compare cert salaries and plan your next career move

Button

Comments

LarryDaMan

benevolent dictator wrote:

How strict are they with these CISSP professional experience requirements? They seem pretty demanding, but I've seen lots of "demanding" requirements before, and at the end of the day, people who didn't measure up were still awarded the certification. So, how serious are they?

They take it very seriously and you have to be endorsed by a CISSP or SSCP in good standing. You send in your endorsement letter and your current resume after passing the exam. The thing is, if you try to defraud the system, you could be banned from ever attaining the CISSP. If you get audited, they could very well decide to contact references and supervisors.

Like anything else, I am sure you could get away with it, but why try? Just become an associate until you have the requisite experience.

I got my exam registration confirmation letter last week, it kind of made it all seem real. Time to put the pedal to the metal.

zen master

larrydaman wrote:

benevolent dictator wrote:

How strict are they with these CISSP professional experience requirements? They seem pretty demanding, but I've seen lots of "demanding" requirements before, and at the end of the day, people who didn't measure up were still awarded the certification. So, how serious are they?

They take it very seriously and you have to be endorsed by a CISSP or SSCP in good standing. You send in your endorsement letter and your current resume after passing the exam. The thing is, if you try to defraud the system, you could be banned from ever attaining the CISSP. If you get audited, they could very well decide to contact references and supervisors.

Like anything else, I am sure you could get away with it, but why try? Just become an associate until you have the requisite experience.

I got my exam registration confirmation letter last week, it kind of made it all seem real. Time to put the pedal to the metal.

An associate? I don't see anything about that on the website. What are the requirements for that? How would you go about becoming a CISSP after being an associate. I have 3 years full time experience, and I could get a waiver of one year for my degree, but that still leaves me one year short. I guess I'll wait till next year.

dynamik

It's listed under "Credential Offerings": https://www.isc2.org/cgi-bin/content.cgi?category=96

It's just the designation you get until you satisfy the requirements. You become a full-fledged SSCP or CISSP as soon as you satisfy them.

shednik

benevolent dictator wrote:

An associate? I don't see anything about that on the website. What are the requirements for that? How would you go about becoming a CISSP after being an associate. I have 3 years full time experience, and I could get a waiver of one year for my degree, but that still leaves me one year short. I guess I'll wait till next year.

If you look on the main page and click on the associate of isc2 link and there will explain it. Yes having a degree will waive 1 year of experience, but you must have another 4 years of full time infosec experience which it sounds like you mean you just have experience. If you do have infosec experience already you qualify for the SSCP which may be a good stepping stone for you.