(ISC)2®, the International Information System Security Certification Consortium, Inc., was founded in 1989. This not-for-profit organization manages the CISSP (Certified Information Systems Security Professional) certification. This advanced-level certification is meant for IT security professionals with the following level of experience: “a minimum of four years of PROFESSIONAL experience in the field of information security. A bachelor's degree can substitute for one of these required years. Additionally, a Master's Degree in Information Security from a National Center of Excellence can substitute for one year towards the four-year requirement." This experience requirement essentially forms the prerequisite for this vendor-neutral certification, although (ISC)2®’s other, lower-level certification, the SSCP (Systems Security Certified Practitioner), is recommended.

In June 2003, (ISC)2® introduced an Associate program that allows candidates to take the exam before they meet the experience requirement. Here’s more on that: “After passing the selected exam and signing (ISC)2®'s Code of Ethics, the Associate must garner the requisite work experience and successfully complete a professional endorsement process before he/she becomes officially certified as CISSP or SSCP.”

In terms of recertification, “The term ‘CPE’ is an acronym for Continued Professional Education credits. After a candidate becomes certified, he/she is required to perform continuing education per 3-year certification period to become recertified. A CISSP must submit 120 CPEs during the 3-year recertification period. Of the 120 CPEs that are required, at least 80 must be ‘A’ credits and as many as 40 can be ‘B’ credits.

The CISSP certification is well suited to IT professionals who aim to be IS (Information Security) professionals, network security professionals, or systems security professionals. The CISSP® designation is achieved by passing one exam.

https://www.isc2.org/cgi/content.cgi?category=19

CORE EXAMS
CISSP®