cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 
cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 
AlecTrevelyan
Community Champion

Re: New ISSEP Official Guide and/or training for the March 14 refresh?

 

I passed the ISSEP exam today thanks to the guidance in this thread, particularly the list of top 5 references per domain from @ToniHahn and the advice from @wentzwu that the old CBK book from 2005 is still a valuable study resource. Many thanks to you both!

 

ToniHahn
(ISC)² Team

Re: New ISSEP Official Guide and/or training for the March 14 refresh?

CONGRATS!!!!!  That's great news!!!

Xdbuix
Newcomer I

Re: New ISSEP Official Guide and/or training for the March 14 refresh?

Congrats on your pass!

TK
Newcomer II

Re: New ISSEP Official Guide and/or training for the March 14 refresh?

Well done, congratulations.

wentzwu
Newcomer III

Re: New ISSEP Official Guide and/or training for the March 14 refresh?

Congratulations for passing ISSEP!


Best regards,
Wentz Wu, CISSP-ISSMP,ISSEP,ISSAP/CCSP/CSSLP
https://WentzWu.com
AppDefects
Community Champion

Re: New ISSEP Official Guide and/or training for the March 14 refresh?


@CraginS wrote:

@ToniHahn

Thanks for the detailed reference list. That helps quite a bit, and confirms that  SP 800-160 is key in two domains. 

I recommend that the list be updated to specify only SP 800-160 Volume 1 as the reference. Recent publication of Volume 2 forced the name change of the original release.

 

Also, quite fascinating that the PMBOK is listed as a key reference given that many enterprises consider the PMP a useful correlate certification to the CISSP, supplementing, not competing with, the CISSP. However, I STRONGLY recommend amending the list and filtering the exam question pool so that ONLY the current edition of the PMBOK is needed for study, and any questions derived from earlier editions but not found in the current one are removed from the question pool. 

 

 


Generally speaking, the most recent (final) version of a standard is used and that does include any material consumed through PMI, of which the PMBOK is only one example to help build a foundation in the technical management domain.

Also, I would strike the IATF reference, it was replaced it with NIST SP 800-160 v1 and the ISO/IEC/IEEE 15288 standard that it references. Although the list looks good, I strongly caution you in saying that the certification is not about memorizing and recalling standards. You must be able to apply knowledge consistently. It is true that the certification had its start with the DoD, but today it has become more international and less NIST standard and DoD policy issuance centric. Systems Security Engineering is a discipline and NOT just a part of the certification title. It is an engineering mindset. That is what I live and breathe every day.

tswern
Newcomer I

Re: New ISSEP Official Guide and/or training for the March 14 refresh?

While is a an old post, nevertheless, thanks for the headsup! Aiming for ISSEP soon.

ToniHahn
(ISC)² Team

Re: New ISSEP Official Guide and/or training for the March 14 refresh?

@CraginS - I stand corrected - that post was made years ago and I was still pretty junior just trying to help out with information - Each year we take what the most commonly used references are at the end of the year and post them to our webpage in January to try and help out candidates.  It is not an exhaustive list.  And we do not update the reference list on the web but only once a year because it could be a full time job!  LOL.
If a reference is superseded or withdrawn - as we have seen with many with NIST over the past couple of years, we make sure the item can still be supported in the new reference.  (*so if you are studying and looking at the list on the website, please use the most current version)  If it can, we update the reference in our item bank.  If it can't, we send the item back to another workshop to see if it can be revised based on the new reference.  If it can, it will go thru a pretest cycle on a future exam.  If it can't, then the item gets retired.  We are very rigorous to make sure that all items are validated by the most recent version or latest edition that we have access to.  I know in my most recent remote item writing workshop, one of my SMEs had the physical book that was just published in 2021, but our resources that we have access to did not have access to that book - so the peer reviewer, nor my team could not validate that the reference supported both the stem and key.  So we have to have access to the reference to be able to defend any item that a candidate may question. 
Hope this clears things up!!