CCSP Experience Requirement

2cert · ‎09-03-2025

The below statement from this page contains the link to ISC2 approved list for CISSP. Is this correct? The list includes Security+ and CySA+, two certs that I already have. Would be great if this is true because I have zero experience in cloud (any of the six domains).

Earning an additional credential from the ISC2 approved list may be substituted for one year of experience in one or more of the six domains of the CCSP Exam Outline.

dcontesti · ‎09-03-2025

The requitements for the CISSP are different than other certification.

From the page you listed,

One Year Prerequisite Pathway

CSA’s CCSK certificate can be substituted for one year of experience in one or more of the six domains of the CCSP Exam Outline.

I do not think the organisation has changed their stance on other certifications from one year and only one being substituted. But let's ask @CBMExamTeam to chime in.

nkeaton · ‎09-03-2025

@2cert I think that you might be mixing things up a little if understanding you. One link is certifications that will substitute for one year of experience for the CISSP, and the other is for the CCSP. Only one year total can be substituted. If you have a CISSP and then earn a CCSP, ISC2 does not make you get an endorsement but will have you go to the endorsement screen to accept the code of ethics. I had not seen that for the CCSP but does not surprise me as the CCSK is CSA’s certificate. They helped ISC2 develop their CCSP and ISACA their CCAK. I used CSA’s materials to pass my CCSP and CCSK. They assume that already know cybersecurity and only concentrate on cloud concepts, terminology, and security. So you are planning on taking the CCSP only or before the CISSP? Please feel free to ask me questions.

2cert · ‎09-04-2025

Yes, I plan to take CISSP in the future.

I have a free CCSP exam voucher, but I'm not sure if passing the exam would benefit me if I'm not going to be certified since I don't have that 1 year experience in cloud. I have 10+ years experience in InfoSec. I also have SSCP but haven't done the endorsement yet.

The 'credentials' link on the page I mentioned points to certs from CompTIA as valid credentials that can be used to satisfy that 1 year cloud requirement. But that page is actually under CISSP. The links are structured like this:

https://www.isc2.org/certifications/ccsp/ccsp-experience-requirements

https://www.isc2.org/certifications/cissp#Required%20Work%20Experience

https://www.isc2.org/certifications/cissp/cissp-experience-requirements

The last link will show this list.

nkeaton · ‎09-04-2025

@2certs The CCSP requires 5 years and can waive 1, but if you look at the exam objectives (they call it an exam outline), I would guess have what is required with your field. It is about half cloud and half cybersecurity. I earned my CCSP kind of by accident when one of our folks was just going to just let an exam voucher expire. So I did it in the “wrong” order. The CCSP convinced me to try the CISSP. I had a CAP and SSCP for years and really had no intention of going further. I would recommend at least taking the exam. I just don’t like to see exam vouchers wasted. Thank you for sharing the CCSP waiver for 1 year experience. I believe that most people do the CCSP after the CISSP, but you and I were fortunate enough to get an exam voucher. Definitely an opportunity. Congratulations on passing the SSCP. Please get your next steps done to be certified on it. I definitely think is a good certification. Feel free to ask questions and best wishes on whatever you decide to do on the CCSP.