ISC2 CISSP

CISSP certification cost and requirements (2024): Your complete preparation guide

August 4, 2024 by Jeff Peters

The Certified Information Systems Security Professional (CISSP) certification is recognized worldwide as a badge of excellence for cybersecurity professionals. It indicates to employers that you have a broad understanding of cybersecurity plus experience in the cybersecurity field, which is why it’s the most requested certification in U.S. job listings. 

In this article, we discuss CISSP certification costs and the prerequisites for getting certified. Using this information, you can strategize how and when to earn your certification. 

Earn your CISSP, guaranteed!

Get live, expert CISSP training from anywhere. Enroll now to claim your Exam Pass Guarantee!

Understanding CISSP certification 

The CISSP certification is designed and issued by the International Information System Security Certification Consortium (ISC2), and it serves as proof of a candidate’s knowledge and skills in a range of information security disciplines. It consists of eight domains: 

  • Security and Risk Management 
  • Asset Security 
  • Security Architecture and Engineering 
  • Communication and Network Security 
  • Identity and Access Management (IAM) 
  • Security Assessment and Testing 
  • Security Operations 
  • Software Development Security 

These eight domains require candidates to have a broad range of cybersecurity knowledge in order to pass the exam and obtain certification. 

Prerequisites for CISSP certification 

To earn your CISSP certification, you must have at least five years of cumulative, full-time work experience in at least two of the eight domains mentioned above. You can satisfy as much as one year of required experience by earning a bachelor’s or master’s degree in computer science, information technology or a connected field. Another way to earn up to one year of qualifying experience is to get another credential from the ISC2’s approved list. You can find the list of credentials on ISC2’s site, but some include: 

Common questions around CISSP requirements include:  

  • Can a beginner get CISSP certification? This certification isn’t designed for those who have no experience in cybersecurity. Rather, it’s geared towards those who want to leverage their experience to pursue higher-paying positions, so it’s a common cybersecurity manager certification. You need to meet the experiential requirements outlined above to get your official CISSP certification. 
  • Can you take the CISSP without any experience? Yes. You can still take the CISSP exam even if you don’t have experience, but you will not earn your full certification. Instead, the ISC2 will grant you the title of Associate of ISC2. Then, you have up to six years to earn the five years of necessary experience. 

Breakdown of CISSP certification costs 

The CISSP exam costs $749 at the time of this writing (but see the ISC2 website for the most up-to-date pricing). If you have to reschedule your exam, there’s a $50 fee, and if you cancel your exam, there is a $100 fee. 

In addition to the actual cost of paying for the exam, it’s a good idea to factor in expenses associated with: 

  • Study materials: For instance, the Official CISSP Study Guide from Sybex costs around $60 on Amazon. 
  • Training course fees: The amount you end up paying will vary depending on the type of training you choose. A live CISSP Certification Boot Camp costs more than on-demand CISSP training courses; however, a boot camp usually includes all the other costs mentioned here. 
  • Membership fees: Once you hold your CISSP certification, you must pay an annual maintenance fee of $135, which also serves as your ISC2 membership fee. 

Also, if you become an associate of ISC2 by passing the exam before having the necessary experience, you must pay an annual maintenance fee of $50. 

Preparing for the CISSP exam 

To put yourself in the best position to pass the exam, you can take advantage of the following study materials and resources: 

  • Official ISC2 publications, such as the organization’s CISSP study guide and practice tests, give an overview of the eight domains, each domain’s content and the kinds of questions you can expect to encounter. 
  • Third-party prep courses: Courses from reputable providers, such as Infosec’s CISSP training, can give you a strategic edge because they provide deep, focused learning experiences custom-designed to help you ace the exam. 
  • Online communities: You can access discussion boards, such as Reddit’s CISSP board or TechExam's CISSP board, to learn from others' experiences and get tips from those who’ve passed the test. 
  • Practice exams: In addition to the free practice questions offered by ISC2, you can also purchase full practice exams online or use the practice exams provided in third-party prep courses. 

Even though your prep routine will vary according to your learning style, here are some best practices that others have found helpful: 

  • Develop a systematic study plan: Set aside time each day, and make sure you cover each domain thoroughly. If you come across a challenging topic, it’s good to swing back and revisit it later. 
  • Use a range of resources: For example, a combination of practice tests, study guides and guided instruction is often more beneficial than training with only one method. 
  • Set up a practice schedule: You should take practice exams periodically because they reinforce your knowledge and help you get used to tackling many questions in a single sitting. 
  • Strengthen your weaknesses: If you feel less confident in certain domains, spend time strengthening those areas. Similarly, if you feel confident but end up scoring low on a certain domain on a practice test, use this as feedback and circle back to those topics. 

Value of CISSP certification in 2024 and beyond 

Many professionals use the CISSP certification to differentiate themselves from other candidates in the field. As a result, it’s common for those with this certification to enjoy: 

  • Better job prospects: Some employers require CISSP certification before you can apply for leadership roles or senior positions. In fact, the CISSP is the most requested certification in U.S. job listings. 
  • Higher salaries: Those with their CISSP certification may earn more than those without because some companies feel more comfortable increasing compensation for certified professionals. Read our CISSP salary guide for more information. 
  • Enhanced professional development: Because earning your CISSP certification demonstrates a commitment to cybersecurity excellence, having this in your professional development portfolio can make it easier to advance your career. 

The CISSP has remained a top-requested certification for many years, and its value doesn’t appear to be declining. By hiring CISSP-certified staff, organizations can ensure those new hires have the validated knowledge and on-the-job experience needed to help keep data and systems secure. 

CISSP vs other cybersecurity certifications 

There are many cybersecurity certifications you can earn. Comparing the costs, prerequisites and career relevance can make it easier to see if getting your CISSP is the best move. Here are some of the more popular CISSP alternatives: 

Certified Information Security Manager (CISM) 

The CISM certification is a common alternative to (or addition to) the CISSP. While the CISSP is broader and more technical, the CISM focuses more on cybersecurity management. Read our CISSP vs. CISM article for more information. 

  • Cost: $575 for ISACA members and $760 for non-members 
  • Required experience: Similar to CISA, CISM certification also requires five years of work experience, but it only needs to be in information security management. 
  • Career relevance: The CISM may be a good fit for those aiming for cybersecurity leadership positions. 

Certified Ethical Hacker (CEH) 

The CEH is a more entry-level certification focused on offensive security. CompTIA also offers a mid-level offensive-focused certification in the PenTest+ and a mid-level defensive-focused certification in the CySA+. If you’re looking for a more targeted technical certification, these are popular options.  

  • CEH cost: The price varies based on the prep course provider, which often includes the cost of an exam voucher in its fees. 
  • CEH required experience: You should have at least two years of experience in cybersecurity or have already finished a training course from an authorized EC-Council provider. 
  • Career relevance: This certification is designed for those who want to focus on ethical (white hat) hacking and other kinds of offensive security, such as participating in red team/blue team exercises. 

Certified Information Systems Auditor (CISA) 

If you’re not looking for a career in management or technical cybersecurity, consider a career focused on risk management or auditing. The CISA is the most popular certification for those considering a career in security auditing. 

  • Cost: $575 for ISACA members and $760 for non-members. 
  • Required experience: You need to have five years of IT security or auditing experience. 
  • Career relevance: Earning your CISA is a good choice for those looking to get into IT and security auditing and compliance assurance positions. 

Why CISSP certification is right for you 

Considering the professional payoff that comes from earning your CISSP certification, many find the costs relatively reasonable. Your ROI comes in several forms, such as pay increases, better positions and more interview opportunities. Also, if you have a cybersecurity job you love, your CISSP certification can instill even more confidence in your employer simply because it demonstrates your commitment to professional development. 

When deciding whether to get your CISSP certification, consider the long-term value it brings to advancing your cybersecurity career.

FAQs 

What are the ongoing maintenance requirements and costs for keeping the CISSP certification active? 

To maintain your CISSP certification, you need to either earn 40 continuing professional education (CPE) credits each year for three years or acquire a total of 120 by the end of three years. 

How does CISSP certification compare to other cybersecurity certifications in terms of ROI? 

The CISSP compares well with other cybersecurity certifications in terms of ROI because it is widely recognized worldwide as a high-quality certification, and hiring managers frequently use it to quickly validate knowledge and experience. 

What are the minimum requirements for CISSP, and how can professionals meet them? 

You must have at least five years of cumulative, full-time work experience in at least two of the eight domains on the exam. You can satisfy one year of required experience by earning a bachelor’s or master’s degree in computer science, information technology or a connected field. You can also earn up to one year of qualifying experience by getting another credential from the ISC2’s approved list. 

Jeff Peters

Jeff Peters is a communications professional with more than a decade of experience creating cybersecurity-related content. As the Director of Content and Brand Marketing at Infosec, he oversees the Infosec Resources website, the Cyber Work Podcast and Cyber Work Hacks series, and a variety of other content aimed at answering security awareness and technical cybersecurity training questions. His focus is on developing materials to help cybersecurity practitioners and leaders improve their skills, level up their careers and build stronger teams.