cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 
cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 
DMEdwards
Newcomer II

ISSMP Domains - 5 or 6?

I am a little confused by the official study materials for the ISSMP concentration. The official flash cards and the certification exam outline both list 6 domains, but the official CBK book only lists 5? I verified I have the second edition - bought just yesterday. Can anyone shed light on what I've done wrong?

18 Replies
Steve-Wilme
Advocate II

The official guide to the CBK from 2011 has only 5 domains:

 

  • Domain 1. Enterprise Wise Security management Practices
  • Domain 2. Enterprise Wide Systems Development Security
  • Domain 3. Overseeing Compliance of Security Operations
  • Domain 4. Understanding BCP, DRP, and CoOP
  • Domain 5. Law Investigation, Forensics and Ethics

 

The current ISSMP has 6:

  • Domain 1. Leadership and Business Management
  • Domain 2. Systems Lifecycle Management
  • Domain 3. Risk Management
  • Domain 4. Threat Intelligence and Incident Management
  • Domain 5. Contingency Management
  • Domain 6. Law, Ethics, and Security Compliance Management

 

-----------------------------------------------------------
Steve Wilme CISSP-ISSAP, ISSMP MCIIS
DMEdwards
Newcomer II

Hello Steve, thank you for taking the time to respond. I'm still confused, though, because the book I have is definitely the second edition, published in 2015. Also, here is the description from the Official (ISC)² website for self-study tools: https://www.isc2.org/Training/Self-Study-Resources

 

Official (ISC)² Guide to the ISSMP CBK, Second Edition

Supplying an authoritative review of key concepts and requirements, the Official (ISC)² Guide to the CISSP-ISSMP CBK, second edition is both up-to-date and relevant. This book provides a comprehensive review of the five domains in the ISSMP CBK: Security Leadership and Management, Security Lifecycle Management, Security Compliance Management, Contingency Management, and Law, Ethics and Incident Management.

dcontesti
Community Champion

@DMEdwards Found this:

 

https://www.isc2.org/-/media/ISC2/Certifications/Exam-Outlines/ISSMP-Exam-Outline-Effective-May-2018...

 

It clearly states that there are six domains.

 

The site you are looking at has a copyright date of 2017, which means it may be outdated.

 

@AndreaMoore would you please have someone look into this and maybe have the pages updated?

 

@ToniHahn can you please clarify for us which is the correct number of domains for the ISSMP?  

 

Regards

 

d

 

DMEdwards
Newcomer II

I understand that there are lots of sources saying that there are 6 domains. I do not dispute that. I am trying to understand why the official book, which is the actual information I'm supposed to be studying, only lists 5 domains. I can't find any 3rd edition, but I'm having a hard time believing that the test would be updated to a new set of material without publishing that material.

ToniHahn
Contributor I

@DMEdwards  - I am checking with our education department about the books.  And the outline gets created first.  When we publish it to the web, that is when education takes the info and tries to get authors or SMEs to update books.  So yes, an exam can get updated without the book being updated.  

 

@dcontesti - yes it is 6 domains and yes that is the current exam outline.  You can always find the current one here. 
 https://www.isc2.org/Certifications/CISSP-Concentrations.  

Click on the ISSMP and then click on "Get the CISSP-ISSMP outline.

dcontesti
Community Champion

This is why I asked Andrea and Toni to comment.

 

We have seen in the past where training material (text books) lags behind the actual exam, although 3 years does seem like a long time.

 

d

 

ToniHahn
Contributor I

And that is why I am checking in with the education department.  We don't work with one another as we have to keep that "chinese firewall", so I don't want to give any false information.

DMEdwards
Newcomer II

I really appreciate everyone's help on this. I finally have some time to devote to study for the first time in a couple of years, so I am probably a little too eager to get started. 🙂

ToniHahn
Contributor I

@DMEdwards - good luck.  We do offer a list of the top 5 references used per domain (not in any particular order) for each certification to help candidates out

 

https://www.isc2.org/certifications/references#
click on CISSP-ISSMP