Help
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
gen90
Newcomer I
‎06-19-2019 11:46 PM
‎06-19-2019 11:46 PM

Domain mapping for CISSP experience requirement

Hi,

i am trying to figure out if the following scenario would let me achieve cissp qualification after passing the exam

 

 

could i have 2 years of experience at one job in ONE domain ( say risk management only) and another 3 years of experience at ANOTHER job with ANOTHER one domain(say just the asset security)? will that be eligible for overall 5 years of experience?

 

OR do i need 2 domain experience in both of the jobs to make them both eligible individuallu to count towards experience

 

I hope it makes sense what i am trying to say

Reply
0 Kudos
8 Replies
Steve-Wilme
Advocate II
‎06-20-2019 04:04 AM
‎06-20-2019 04:04 AM

You could argue that InfoSec is a risk management discipline in itself.  There would be no need for security controls unless there were risks.  A reasonable way to approach this would be to look beyond the job titles you've had and into the actual content of each role and figure out how this aligns to CBKs.  For example, I've held positions in which my title was manager, but in which I also did hands on work in many of the domains, due to staff shortages.  Also I'd suggest you discuss it with whoever you're intended to endorse your application before you make it.

-----------------------------------------------------------
Steve Wilme CISSP-ISSAP, ISSMP MCIIS
Reply
0 Kudos
emb021
Advocate I
‎06-20-2019 10:39 AM
‎06-20-2019 10:39 AM

Its supposed to be *2* domains over 5 years.

 

Does it have to be the same domains over that period, no.  But you need experience in 2 domains.

 

I had the same thing with my ISACA certs.  I had to indicate what jobs and their periods and what domains over the 5 year period.

 

So long as I had experience in at least 2 domains, I was ok.

 

I think the same idea would be how ISC2 works.

 

---
Michael Brown, CISSP, HCISPP, CISA, CISM, CGEIT, CRISC, CDPSE, GSLC, GSTRT, GLEG, GSNA, CIST, CIGE, ISSA Fellow
Reply
0 Kudos
gen90
Newcomer I
‎06-20-2019 10:49 AM
‎06-20-2019 10:49 AM

Those are job descriptions(summary), not the titles.
Reply
0 Kudos
AppDefects
Community Champion
‎06-20-2019 11:19 AM
‎06-20-2019 11:19 AM

Sounds reasonable if you go ahead and map the number of months experience to a domain. Does matter if it is with different employers. 

Reply
0 Kudos
emb021
Advocate I
‎06-20-2019 02:25 PM
‎06-20-2019 02:25 PM

Ok, maybe this will help.

 

From 2016-2017, at employer X, you held position such and such.

In that position, you did work that covers domain A, C, and D

 

From 2017-2018, at employer Y, you held a different position

In that position, you did work that covers domain A, B, and F

 

In 2019, at employer Y, you held yet a different position

In that position, you did work that covers domains B, C, and G

 

So for 5 years you did work in at least 2 domains, even if they weren't always the same.

 

I know when I applied for CISSP 4+ years ago, I submitted an edited resume that I made clear what domains I was involved with at my previous positions.  As the person endorsing me was a former co-worker, didn't have an issue in that regards.

 

Not sure how the current endorsement form works.  The above is similar to what I had to cover with my ISACA certs, FWIW.  To be simple, I left out months, but realistically, you'd have to account for that.

---
Michael Brown, CISSP, HCISPP, CISA, CISM, CGEIT, CRISC, CDPSE, GSLC, GSTRT, GLEG, GSNA, CIST, CIGE, ISSA Fellow
Reply
0 Kudos
gen90
Newcomer I
‎06-20-2019 03:29 PM
‎06-20-2019 03:29 PM

This is where my confusion comes, I am getting mixed answers. People above you mentioned its accumulative but you are saying it has to be 2 or more domains at each job.

So if i work at one job for 3 years on two domains ( says domain 1 and 3)

and next job 2 years but only worked at 1 domain ( say domain 2?)
Does that mean my last 2 years of job experience wont count? because it was only with 1 domain?

Reply
0 Kudos
amandavanceISC2
Moderator
Moderator
‎06-20-2019 03:40 PM
‎06-20-2019 03:40 PM

@gen90 Thank you for your inquiry. The 5 years in at least 2 of the 8 domains can be earned at separate times, they do not all have to be earned in the same place. 

 

Example:

Job A: 4 years and 11 months - domain 4

Job B: 1 month - domain 5

 

This is 5 years in at least 2 of the 8 domains

 

Best Regards,

Amanda Vance

Reply
Steve-Wilme
Advocate II
‎06-21-2019 03:26 AM
‎06-21-2019 03:26 AM

It used to be the case that you had to include a resume.  That was 10 years + ago though.

That should clear up any ambiguity regarding experience.

 

-----------------------------------------------------------
Steve Wilme CISSP-ISSAP, ISSMP MCIIS
Reply
0 Kudos