I have been in this dilemma for some time now. If you look at this thread,
I have not got a firm answer either from ISC2 or Mike Chappel author of the official Study guide, if I can take the exam. My only concern is that after taking the exam if it get only an Associate level certification, it is just a waste of time and money as it is a significant investment of both. My plan is to get certified by December. Appreciate this community's help
Years ago when I investigated ISC2 CISSP certification I started by looking around the people I worked with to see who was CISSP certified. It turns out that many people who I worked with professionally held CISSP certification.
I learned that a group of IT professionals from a couple of different companies in my area were planning to create a weekly study group conference call. The only requirement is that everyone had to contribute something; in other words they had to volunteer to study, research, present, and share their notes on a domain. We had so many people that for most domains we had 3 people presenting. These calls went on for over 3 months; because it took multiple 2 hour calls to cover some domains. We all sat for the exam at the same time (again long ago when the exam was proctored in person). I passed on that first attempt.
When people ask me if they should pursue CISSP I suggest they think about who they want to work with and where they want to be in 2 years. It doesn't matter if you have required experience. Find people working in IT security you want to work with and ask them if they have or recommend CISSP. People that have that CISSP will often recognize that you are doing the work and will help you.
Think about where you want to be in 2 years because for some it will take that long from start of studies to achieving certification.