(ISC)2 has announced a refresh of the CISSP Common Body of Knowledge (CBK) that will be effective from 15 April this year. Last updated in 2012, CISSP remains the gold standard qualification for developing a senior career in information security.
The announced changes are part of the (ISC)2 commitment to ensure that the certification stays at the forefront of information security management. They reflect the significant updates in the technical and managerial competence required to effectively design, engineer, implement and manage an organisation’s information security program.
The new CISSP CBK (2015) Knowledge Domains are:
- Security and Risk Management (Security, Risk, Compliance, Law, Regulations, Business Continuity)
- Asset Security (Protecting Security of Assets)
- Security Engineering (Engineering and Management of Security)
- Communications and Network Security (Designing and Protecting Network Security)
- Identity and Access Management (Controlling Access and Managing Identity)
- Security Assessment and Testing (Designing, Performing, and Analysing Security Testing)
- Security Operations (Foundational Concepts, Investigations, Incident Management, Disaster Recovery)
- Software Development Security (Understanding, Applying, and Enforcing Software Security)
Geraint Williams, senior CISSP trainer at IT Governance confirmed: “If you are currently studying for the CISSP exam, you will immediately notice that the ten domains have been reorganised into eight new domains. (ISC)2 has confirmed that that while no content has been removed from the syllabus, it has been refreshed and reorganised to include the most current information and best practices relevant to the global information security industry. They are also advising all delegates currently studying the older 2012 domains to book and take their CISSP exam before the 15 April deadline.”
While the syllabus has changed, the exam format has not – it will still consist of 250 questions with a six-hour time limit! The new exam will be available in English from 15 April 2015, with French, German, Portuguese and Spanish exams scheduled for 15 May 2015. The updated official (ISC)² guide to the CISSP Common Body of Knowledge (CBK) will be available to support the refresh in the first quarter of 2015. If you are already a CISSP, you will also need to start reporting your CPE in the eight new domains from 15 April 2015 onward.
Please note that our CISSP Accelerated Training Programme scheduled on 9-13 February will be based on the requirements of the current CISSP CBK (2012 version). From 27 April onwards, all courses will be based on the refreshed CISSP CBK (2015 version).