CISSP experience

[Dukester0122]

I want to take the CISSP exam but want to know more about the requirement in experience.

I've been doing IT consulting for 8 years and IT management for 3 years. Currently, my position is IT Manager but I direct the IT initiative of my organization and its subsidiaries.

I have a college degree in Accounting and had taken certifications in Microsoft.

Would this be enough to take the exam?

 

[SimonDavies]

Taken from the ISC2 website.

Applicants must have a minimum of four years of direct full-time security professional work experience in one or more of the ten domains of the (ISC)² CISSP® CBK® or three years of direct full-time security professional work experience in one or more of the ten domains of the CISSP® CBK® with a college degree. Additionally, a Master's Degree in Information Security from a National Center of Excellence can substitute for one year toward the four-year requirement.

CISSP professional experience includes:


Work requiring special education or intellectual attainment, usually including a liberal education or college degree.
Work requiring habitual memory of a body of knowledge shared with others doing similar work.
Management of projects and/or other employees.
Supervision of the work of others while working with a minimum of supervision of one's self.
Work requiring the exercise of judgment, management decision-making, and discretion.
Work requiring the exercise of ethical judgment (as opposed to ethical behavior).
Creative writing and oral communication.
Teaching, instructing, training and the mentoring of others.
Research and development.
The specification and selection of controls and mechanisms (i.e. identification and authentication technology) (does not include the mere operation of these controls).
Applicable titles such as officer, director, manager, leader, supervisor, analyst, designer, cryptologist, cryptographer, cryptanalyst, architect, engineer, instructor, professor, investigator, consultant, salesman, representative, etc. Title may include programmer. It may include administrator, except where it applies to one who simply operates controls under the authority and supervision of others. Titles with the words "coder" or "operator" are likely excluded.

For more information on the CISSP credential or (ISC)², please refer to the Frequently Asked Questions.

 

[iownroot]

Keep in mind that the requirements to actually be awarded the certification are not the same as the requirements to sit the exam.

I will advise anyone of this; They will definantly call your previous jobs and verify your experience. An individual in a study group I was in back when I was preparing for the exam basically "glamorized" his past and present job responsibilities. End result? busted!!!!!

Ironically he was one of those individuals who knew everything about everything (in his own mind of course).

CISSP, MCT, MCSE2K/2K3, MCSA, CEH, Security+, Network+, CTT+, A+