I would like to take the new ISSEP exam, however, with the new format I will need to study different and updated areas.
Is there any estimated date for a release of a new Official ISC2 Guide or training for the new ISSEP format?
Thanks for the detailed reference list. That helps quite a bit, and confirms that SP 800-160 is key in two domains.
I recommend that the list be updated to specify only SP 800-160 Volume 1 as the reference. Recent publication of Volume 2 forced the name change of the original release.
Also, quite fascinating that the PMBOK is listed as a key reference given that many enterprises consider the PMP a useful correlate certification to the CISSP, supplementing, not competing with, the CISSP. However, I STRONGLY recommend amending the list and filtering the exam question pool so that ONLY the current edition of the PMBOK is needed for study, and any questions derived from earlier editions but not found in the current one are removed from the question pool.
Generally speaking, the most recent (final) version of a standard is used and that does include any material consumed through PMI, of which the PMBOK is only one example to help build a foundation in the technical management domain.
Also, I would strike the IATF reference, it was replaced it with NIST SP 800-160 v1 and the ISO/IEC/IEEE 15288 standard that it references. Although the list looks good, I strongly caution you in saying that the certification is not about memorizing and recalling standards. You must be able to apply knowledge consistently. It is true that the certification had its start with the DoD, but today it has become more international and less NIST standard and DoD policy issuance centric. Systems Security Engineering is a discipline and NOT just a part of the certification title. It is an engineering mindset. That is what I live and breathe every day.
@CraginS - I stand corrected - that post was made years ago and I was still pretty junior just trying to help out with information - Each year we take what the most commonly used references are at the end of the year and post them to our webpage in January to try and help out candidates. It is not an exhaustive list. And we do not update the reference list on the web but only once a year because it could be a full time job! LOL.
If a reference is superseded or withdrawn - as we have seen with many with NIST over the past couple of years, we make sure the item can still be supported in the new reference. (*so if you are studying and looking at the list on the website, please use the most current version) If it can, we update the reference in our item bank. If it can't, we send the item back to another workshop to see if it can be revised based on the new reference. If it can, it will go thru a pretest cycle on a future exam. If it can't, then the item gets retired. We are very rigorous to make sure that all items are validated by the most recent version or latest edition that we have access to. I know in my most recent remote item writing workshop, one of my SMEs had the physical book that was just published in 2021, but our resources that we have access to did not have access to that book - so the peer reviewer, nor my team could not validate that the reference supported both the stem and key. So we have to have access to the reference to be able to defend any item that a candidate may question.
Hope this clears things up!!
" I know in my most recent remote item writing workshop, one of my SMEs had the physical book that was just published in 2021, but our resources that we have access to did not have access to that book "
Hi, just wanting to clarify exactly what physical book you are referencing in this quote from a few years ago. I'm looking for an official CBK that ISC2 has published, if it exists, for the ISSEP. Hoping you're referring to such a unicorn, thanks!
It has been about 5 years. Has there been an updated CBK yet for ISSEP?
Also are these references that you listed still used? Or is there an updated list?
Asking because the NIST 800-64 has been withdrawn and is no longer considered a NIST Standard/pub.