ISC2

The CISSP (Certified Information Systems Security Professional) exam is designed for advanced-level IT professionals interested in building a career in cybersecurity. The CISSP exam validates your skills in designing and managing enterprise-level cybersecurity implementations.

If you’ve already successfully passed the CompTIA Security+ exam and have a minimum of 5 years of hands-on industry experience in an IT administration role with a concentration in security, you’re ready to start preparing for your CISSP certification exam.

Prepare for the exam with our CISSP training course!

The CISSP exam covers a high-level range of topics that help demonstrate competency in IT fundamentals including:

• Security and risk management

• Asset security

• Security architecture and engineering

• Communication and network security

• Identity and access management (IAM)

• Security assessment and testing

• Security operations

• Software development security

Before taking the CISSP certification exam, you should feel confident in demonstrating your knowledge across these 7 core areas:

• Security and Risk Management

Evaluate and apply security governance principles to support alignment of security functions for business strategy, organizational processes, control frameworks, and due diligence. Understand legal and regulatory issues related to cyber crimes, intellectual property, privacy laws, and cross-border data flows.

• Asset Security

Determine appropriate security protocols related to data classification and asset classification, including privacy and data retention requirements.

• Security Architecture and Engineering

Assess and mitigate the vulnerabilities of security architectures, designs, and solution Elements in client-based systems, server-based systems, database systems, cryptographic systems, cloud based systems, and more.

• Communication and Network Security

Implement secure design principles in network architectures, network components, and network communication channels.

• Identity and Access Management (IAM)

Control physical and logical access to assets to secure business critical information, systems, devices, and facilities.

• Security Assessment and Testing

Conduct security control testing for vulnerability assessment, penetration testing, log reviews, synthetic transactions, code review, and more.

• Security Operations

Understand and support the security operations connected to administrative, criminal, civil, regulatory, and industry investigations.

• Software Development Security

Understand and integrate security in the Software Development Life Cycle (SDLC) to support development methodologies, maturity models, operation and maintenance, and change management.

The technical skills validated through the CISSP certification exam will help prepare you for IT career opportunities such as:

• Cybersecurity Specialist

• Information Security Architect

• Senior Network Administrator

If you’re looking to launch or advance your career in cybersecurity, CISSP is one of the most in-demand certifications for mid to advanced-level cybersecurity jobs. We recommend you successfully pass the CompTIA Security+ exam before attempting more advanced certifications, such as CASP+ or CISSP.

Successfully passing the CISSP certification exam also gives you access to an extensive and highly-networked community at ISC2 with ongoing training, networking events, job opportunities, and more.

CISSP certification is approved by the US Department of Defense to meet requirements for employment positions listed under the 8140/8570 directive. If you have no prior work experience, or prior industry certifications, you will want to start building your IT, networking, and basic security fundamentals with the CompTIA Security+ exam.

CIAT's Career Services team provides personalized career transition support to ensure you translate your technical training and industry certifications into viable career opportunities. Our full suite of career services support includes resume building, LinkedIn profile optimization, mock interview support, career coaching, and job placement support, and specialty workshops, to help ensure you’re positioned for success.

Typically, students enrolled in our Computer Information Systems Degree programs feel confident taking the CISSP exam after 5 weeks of technical training and exam preparation.

CISSP is an advanced- level certification that can serve as a launchpad for numerous IT certification and career pathways. The more certs you earn, the more skills you acquire, the more career opportunities will be available.

Here is the recommended IT certification pathway that includes the CISSP certification:

• Applied Bachelor’s Degree in Computer Information Systems – Cybersecurity Concentration

Your CISSP exam voucher, exam prep software, and certified instructor tutoring resources are included in the cost of your tuition of our Computer Information Systems Degree programs. Save hundreds of dollars in out-of-pocket expenses over a DIY studying approach.

CIAT’s National City campus includes secure and authorized testing center facilities, available to local San Diego students and alumni. For our online students, we work closely with you to help locate and facilitate an authorized testing center near you.

In response to the COVID-19 pandemic, CIAT has enabled students to take the CISSP certification exam remotely from the comfort of their own home. Don’t put your goals on hold or push off until normalcy returns.

Studying for the CISSP certification on your own is doable, but often leaves you without the required technical skills in your background, or the necessary resources to translate your exam score into an IT career.

Join over 2,000 students who have enrolled in CIAT accredited Certificate and Degree programs and are on their path to launching or advancing their IT careers. Our extensive, custom designed IT curriculum provides training for up to 14 industry certifications, including CISSP.

• No exam fees

• Unlimited exam attempts*

• Hands-on training through on-campus and virtual online classes

• Online test preparation workshops

• Test preparation software

• One-on-one support from certified instructors

• Accredited Certificate and Degree programs to beef up your resume

• Personalized career services support including resume building and job placement support

* Students are encouraged to take certification exams while actively enrolled in the degree program. Unlimited certification exam attempts expire 90 days after graduation. The following are single attempt exams and are not eligible for a retake voucher: CEH, CASP, CISSP, DevNet & CCNP. See certification exam policy for more details.

The minimum passing score required for the ISC2 CISSP exam is 700 (out of 1,000).

The ISC2 Certified in Governance, Risk and Compliance (CGRC) exam validates your ability to implement comprehensive risk management programs within complex organizational structures. Our CGRC preparation focuses on real-world application of the Risk Management Framework, helping you develop skills in control selection, assessment planning, and continuous monitoring that compliance teams rely on daily.

This certification proves your competency in translating regulatory requirements into actionable security controls and maintaining ongoing compliance postures. Employers value CGRC certification because it represents mastery of systematic approaches to risk assessment and mitigation that directly impact organizational security and regulatory standing.

CGRC works exceptionally well for professionals with experience in IT governance, audit, or compliance who want to specialize in risk management frameworks. While two years of relevant experience is required, this background ensures you can immediately apply advanced concepts and lead enterprise-wide risk initiatives upon certification.

The ISC2 CGRC exam evaluates your proficiency in comprehensive governance, risk, and compliance activities including:

• Designing and implementing organizational risk governance structures

• Conducting thorough risk assessments and control gap analyses

• Managing system authorization processes and compliance documentation

• Maintaining continuous monitoring programs and risk reporting mechanisms

Before taking the ISC2 CGRC certification exam, you'll need expertise across these six specialized domains:

• Security and Privacy

• Governance Risk Management

• System Scope Definition

• Implementation Management

• Audit Coordination

• Compliance Maintenance and Monitoring

• Identity and Access Management (IAM)

The specialized knowledge validated through ISC2 CGRC certification opens doors to senior-level risk and compliance positions such as:

• Risk Management Program Manager

• Compliance Director

• Cybersecurity Governance Specialist

• Information System Security Manager

• Regulatory Affairs Consultant

• Enterprise Risk Analyst

The governance, risk, and compliance field rewards both certification and practical application experience. Our comprehensive training includes case study analysis and framework implementation projects that provide concrete examples for interviews while building the strategic thinking skills necessary for senior leadership roles.

Your ISC2 CGRC exam registration, study guides, and professional development resources are covered within your program tuition costs. CIAT provides multiple exam scheduling opportunities and comprehensive preparation support, reducing certification uncertainty and additional expenses.

The ISC2 CGRC certification exam is also available through online proctoring services, allowing you to complete your certification from a secure home environment while maintaining ISC2's strict security and integrity requirements.

Independent CGRC preparation can be overwhelming due to the breadth of risk management frameworks and regulatory requirements covered. Many candidates struggle to connect theoretical concepts with practical implementation challenges faced in real organizational environments.

Benefit from CIAT's established network of professionals who've successfully earned CGRC certification and advanced to leadership positions in this field. Our integrated curriculum combines CGRC preparation with broader risk management education covering multiple professional certifications.

The ISC2 CGRC certification exam consists of 125 questions administered over 3 hours, with pass/fail determination based on ISC2's scaled scoring methodology and minimum competency standards.