The title of the Official (ISC)2 Guide to the CISSP CBK (OCBK) suggests that the book is the authoritative and exhaustive source for knowledge (topics) that are covered by the exam itself. One interpretation of this might be that every topic you need to know is in the OCBK—or putting it another way, if it's not in the OCBK, then you do not need to know it. I have my doubts that either of these is true, but I would like to know for sure (to the degree possible). The reason I think this is that the CISSP (ISC)2 Certified Information Systems Security Professional Official Study Guide, 7e contains topics that are NOT in the OCBK (fourth edition). This would seem to support my assertion that the OCBK is not exhaustive in its coverage of topics that may be encountered on the exam. Is my assertion correct?
My reason for seeking clarity on this matter is that I am a member of my employer's committee on internal training for the CISSP. At present, the common belief among other members is that if a topic/subject/fact is not stated in the OCBK, then it is not relevant to the exam, and thus can be omitted from a study syllabus.
My PERSONAL experiences: NO, it is NOT.
Way back when I was studying for my CISSP, the version I used was not all-inclusive of all tested topics. In and of itself, that is not necessarily a negative factor, but, compounded with too many typographical errors and one chapter that was not even formatted correctly (no space between words), it made it impossible to rely on as an authoritative source for studying.
Having said that, CBK is still a useful reference book in your studying library.
Clear as mud?
Questions like this make researching quantum computing seem easy by comparison.
I haven't talked to the exam committee people for a while, but, in the old days, study guides, any study guides, did not qualify as source references for exam questions. (In the old days, every exam question had to be backed up by at least two references from source security literature. Study guides were never considered source security literature.)
But that's only partly related to your question, which is about the range of topics. And, in terms of range, yes, the "Official Guide" should be authoritative. After all, it's based on the same CBK that the exam committee uses when creating exam questions. (Although the authors of training and study materials are not allowed to discuss their respective content with each other. The ISO 17024 standard for certifications mandates this so that we aren't just "teaching to the exam.") So, yes, if the topic is on the exam, it should be in the book.
But that tends to get a bit subjective at times. I'd be interested in hearing what topics you have identified that are in the study guide, but not in the book.
(we have also discovered errors in both works).
Oh, pray tell me it isn't true! You are destroying my faith!
Although I've found the "official" guides to be more accurate than others, over a number of years, I'm sure they aren't perfect. (Of the "All-in-One" guide, when I was teaching, I used to tell the seminars that it was the most readable, but that I refused to answer any question that started out "Shon Harris says ...")