I am currently a Data protection officer and I was wondering if my work experience in this role can be considered valid for a CISSP certification. Does it fall traditionally under at least 2 of the 8 domains?
Thank you for your time and have a great day!
I think it depends on a few factors :
* what are your responsibilities as a DPO? My understanding is that the general tasks of a DPO are as follows:
a. monitoring an organisation’s compliance
b. informing and advising on its data protection obligations
c. and acting as a contact point for data subjects and the relevant supervisory authority
* Is the DPO role a full time position or not?
Given the current 8 domains, I would only see the work of a DPO (based on the description above) fitting "Security and Risk Management" for the FTE time you spend on it.
Current 8 domains for reference :
Thank you for your answer. Indeed, it seems to fit into that domain, those are the tasks I am performing. Currently I perform 50% of my time working as a DPO and I'm doing so for the last year.
I am considering to advance to doing the other 50% of my time as a System Administrator, which can lead me to getting a SSCP credential in the following years.
I have also a 4 years college degree and I'm preparing to get a IAPP-EU and a CIPM certifications.
I was wondering if sitting at a ISC2 exam for a CISSP is a valid option, considering my career plans and how long it will take me to have the right amount of years of experience as DPO and Sys. admin. (or if that fits in the certification requirements).
Have a nice day and thanks again for your answer!
> CristinaDeLisle (Viewer) posted a new topic in Certifications on 02-06-2019
> I am currently a Data protection officer and I was wondering if my
> work experience in this role can be considered valid for a CISSP certification.
> Does it fall traditionally under at least 2 of the 8 domains?
I'd say three: Asset Security, probably Identity and Asset Management, and Security Operations.
Thank you for you answer! Do you by any chance know if the experience as system administrator can enter in some of the domains? It is indicated clearly for a SSCP credential, but I was wondering if it could qualify also for a CISSP. A system administrator is a more traditional career than a DPO for assessing the relevant work experience, so I assume there is a practice so far which was established. If it does, I could add both experiences for validation, after sitting for an Associate of ISC2 with the CISSP pathway.
Have a nice evening and thank you again for you time!