cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 
cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 
cyberchap
Newcomer I

Exam Pre- requisite experience ?

Hello,

 

I am confused over the work experience requirements. Please explain-

1- Getting endorsement from CISSP is enough to prove experience? Any other documents need to be submitted?

 

2- How much is the maximum waiver against experience? I have 4 year degree and 2 other recongized Certs.

 

3- How to verify if my work experience stands sufficient to qualify for exam?

 

TIA

Regards

9 Replies
trismegistus
Viewer II

I only know the answer to #2 for sure. You only get to waive one year from your combination of certs and education.
CraginS
Defender I


@cyberchap wrote:

...

1- Getting endorsement from CISSP is enough to prove experience? Any other documents need to be submitted?

---


Arshad,

The endorsing (ISC)2 member is responsible for verifying your claimed experience. If your endorser is not personally knowledgeable of your experience, you may need to provide documentation to the endorser, but not to (ISC)2. *

 


@cyberchap wrote:

2- How much is the maximum waiver against experience? I have 4 year degree and 2 other recongized Certs.

As previously noted, you can waive only one year of the experience, if you have a four year degree. Certifications, per se, give no indication of experience. If you have a certification with its own experience requirement, such as CISM, you should show that experience record (not the certification) to your endorser. 

 


@cyberchap wrote:

3- How to verify if my work experience stands sufficient to qualify for exam?

Since you can sit for the exam with no experience to qualify as an Associate of (ISC)2, there is no pre-exam verification required. If you expect to go directly for certification based on experience, your best bet is to line up an endorser prior to registering for the exam, and have that endorser review your experience claim ahead of time.* 

 

* If you have no colleague or professional acquaintance who is a member of (ISC)2 to endorse you, you will have to ask the (ISC)2 staff to endorse your application for certification. In that case, include  as a minimum a resume that give clear statement of employers, dates of employment, and specific cybersec duties in each job. If the reviewing staff needs more documentation they will contact you.

 

Excellent to be asking these questions up front. Good luck!

 

Craig

D. Cragin Shelton, DSc
Dr.Cragin@iCloud.com
My Blog
My LinkeDin Profile
My Community Posts
AlecTrevelyan
Community Champion


@cyberchap wrote:

Hello,

 

I am confused over the work experience requirements. Please explain-

1- Getting endorsement from CISSP is enough to prove experience? Any other documents need to be submitted?

 

2- How much is the maximum waiver against experience? I have 4 year degree and 2 other recongized Certs.

 

3- How to verify if my work experience stands sufficient to qualify for exam?

 

TIA

Regards


Hi,

 

I assume you're talking about the CISSP for which the experience requirements are stated here:

 

https://www.isc2.org/Certifications/CISSP/experience-requirements

 

To answer your questions:

 

1) If you know an ISC2 member (doesn't just have to be a CISSP, any holder of any ISC2 certification can provide an endorsement) who's willing to vouch for you, when you go through the endorsement process you won't have to provide any documentation unless your application gets audited. You just fill in a web form asking for details of your experience. (You only need to provide documentation if you ask ISC2 to act as your endorser.)

 

2) As you've already been advised, you can only waive a maximum of 1 year from the experience requirement.

 

3) I always advise people to go through the exam outline (current or from May 2021) and review the tasks / subtasks associated with each domain. Do you have 5 years (4 with an appropriate waiver) of cumulative paid work experience in at least 1 task or subtask across at least 2 of the 8 domains?

 

BTW - as a point of clarification, there are no prerequisites to take the exam - the above points only apply to becoming a full member of ISC2 after being awarded the CISSP by passing the exam and completing the endorsement process.

 

If you aren't able to successfully pass the endorsement process, then you will become an Associate of ISC2, or you can opt to become an Associate while registering for the exam if you know you don't yet have the experience and skip the endorsement process. Becoming an Associate will afford you 6 years in which to earn the requisite experience. Once you have earned the experience you go through the endorsement process again and will hopefully become a CISSP at the end of it.

 

Although there are no technical prerequisites to take the exam, please note there are some eligibility criteria you are expected to satisfy prior to signing up for it:

 

https://www.isc2.org/Register-for-Exam/Background-Qualifications

 

EDIT: posted the same time as Dr. Shelton!

 

Steve-Wilme
Advocate II

Your best bet is to get an endorsement from an ISC2 certification holder who knows you and what you've worked on.  This can be a colleague or a line manager.  It certainly doesn't have to be your manager or even someone working in the same organisation.

 

Reviewing a  copy of your resume is a reasonable way to figure our how your experience maps to the CISSP domains.  Cast your mind back and consider the content of the job roles, rather than just look at the job titles.

 

-----------------------------------------------------------
Steve Wilme CISSP-ISSAP, ISSMP MCIIS
AppDefects
Community Champion

Notably, (ISC)2 does not require "pre-qualification" and approval before a candidate can sit for an exam. PMI used to require it before you sat for the PMP exam. With (ISC)2 the experience evaluation and endorsement process is after the fact...

CraginS
Defender I


@AppDefects wrote:

Notably, (ISC)2 does not require "pre-qualification" and approval before a candidate can sit for an exam. PMI used to require it before you sat for the PMP exam. With (ISC)2 the experience evaluation and endorsement process is after the fact...


Once upon a time, (ISC)2 did not require verification of experience prior to taking the exam. (This was before the no-experience Associate testing was initiated.) Then a 16 year old in India became a CISSP, and (ISC)2 was embarrassed by the apparent shallowness of the certification. In reaction, (ISC)2 established both a firm experience requirement, and an endorsement verification step. After the dust settled, the last laugh was when it became known that the 16 year old Indian would have met all of the "new" experience and verification requirements, since he had been working for his father's iT business for a number of years, and actually did have the requisite years of experience prior to his exam.

 

Craig

 

D. Cragin Shelton, DSc
Dr.Cragin@iCloud.com
My Blog
My LinkeDin Profile
My Community Posts
cyberchap
Newcomer I

thanks for contribution, do you mean that i can appear and pass the exam, afterwards, endorsement and experience evaluation will take place? do I need to provide any such thing before hand?
cyberchap
Newcomer I

thanks Craig
cyberchap
Newcomer I

very well said Steve. Thanks