CCISO
EC Council Certified Information Security Officer
Created per CertMap methodology · Updated 12 May 2026 · About the editorial team →
▾ Jump to …4 sections
Overview
What is CCISO?
The Certified Chief Information Security Officer explicitly targets current and aspiring CISOs and is thus one of the few certifications that consistently addresses the interface between security strategy and business leadership. EC-Council has occupied a meaningful niche with the CCISO: the five domains cover executive management, risk, governance, finance, and strategic program development. In market perception, however, CCISO stands well behind CISSP – the number of explicitly requested CCISO positions is low. EC-Council enjoys respect in academic and US government circles, but is viewed somewhat critically in the European community. For candidates on the path to CISO position, CCISO is a useful complement, not as a standalone credential.
Quick facts
Key details
Cost, prerequisites, exam & renewal
Cost over 5 years
Prerequisites
5 years of experience in at least 3 of the 5 CCISO domains. Official training can partially substitute for experience.
Exam format
150 multiple-choice questions, 2.5 hours, proctored. Passing score: 72%.
Renewal & maintenance
Valid for 3 years. 120 ECE credits over 3 years + annual AMF (100 USD).
Classification
CertMap score and matching roles
Rating
Matching NICE roles
Mapping from NIST NICE Framework SP 800-181, status 2025. NIST source ↗
More certifications
More certifications
From EC-Council
CEHEC Council Certified Ethical HackerThis page follows CertMap methodology: editorial content is curated by hand. Score, costs and NICE mapping are aggregated from official provider documents. Score methodology → · TCO methodology →
Transparency: CertMap is operated by Daniel Thomas Heessel, who is also managing director of Threat‑Informed, a company specialising in Threat‑Informed Defense. He additionally offers consulting services on CertMap. CertMap currently receives no commissions from certification providers, no affiliate links, no sponsored placements. Podcast and interview guests are not paid for appearances and receive no affiliate commissions.
From the knowledge base
View all articles →About the CertMap editorial team
CertMap is an independent platform for comparing cybersecurity certifications, built on data-journalism standards that combine editorial curation with mechanical aggregation.
Certification vs. Certificate: What's the Difference?
Personnel certification per ISO/IEC 17024 versus a training certificate. Why the distinction matters.
BSI IT-Grundschutz: Practitioners, Advisors, and the Accreditation Question
What distinguishes Practitioner from Advisor, and where does accreditation sit in the BSI path?
1:1 with the CISO
Need the full picture for your case?
60 minutes of personal strategy instead of weeks of self-research. Vendor-independent, with a written report.