CISSP

(ISC)2 Certified Information Systems Security Professional

ISC2Personnel certification (ISO 17024)Leadership

Created per CertMap methodology · Updated 12 May 2026 · About the editorial team →

▾ Jump to …6 sections

Overview

What is CISSP?

The Certified Information Systems Security Professional (CISSP) from ISC2 is considered the gold standard among generalist certifications in information security and is one of the most frequently required qualifications in job postings worldwide. It covers eight domains – from cryptography and network security to software development security – demonstrating broad conceptual competence. The CAT-based exam (125–175 questions) is challenging; 5 years of relevant practical experience are mandatory. The CISSP is particularly suited for mid-to-senior-level professionals pursuing a general security leadership role. Critics occasionally note that it sacrifices technical depth in favor of breadth.

Suitable for

CISO

Information Security Manager

Security Architect

Security Consultant

IT Security Director

Quick facts

AccreditationISO/IEC 17024 by ANAB

Languagesen · de · fr · es · pt · ja · ko · zh

RecognitionGlobal

Insights

CertMap assessment & background

Der CISSP ist seit über zwei Jahrzehnten der am häufigsten genannte Generalist-Standard für Security-Führungsrollen im DACH-Markt. Praxis-Erfahrung in mindestens zwei von acht Domains ist Pflicht, der ISC2-Endorsement-Prozess verlangt eine Referenz aus dem eigenen Berufsumfeld. Aus CISO-Perspektive deckt er Breite zuverlässig ab, ersetzt aber keine domänenspezifische Tiefe. Wer eine technische Spezialrolle anstrebt (Pentest, AppSec, IR), profitiert oft erstmal von einem fokussierten Zertifikat. Die jährliche AMF (125 USD) gilt zusammen mit allen weiteren ISC2-Certs, was das Ressource-Bundle attraktiv macht, wenn man später SSCP oder CCSP nachzieht.

More on CertMap editorial methodology →

Key details

Cost, prerequisites, exam & renewal

Cost over 5 years

Exam fee (acquisition)€689

AMF (5 years)€575

CPE time value (5 years)€16,000

5-year total€17,264

CPE effort: 40 h per year · 200 h over 5 years · Valued at 80 €/h.

How is TCO calculated? →

Classification

CertMap score and matching roles

Rating

Market recognition3 / 33 / 3

Scheme quality3 / 33 / 3

Practice evidence2 / 32 / 3

Maintenance3 / 33 / 3

Marktstärke maximal: Schema-Qualität 3/3 durch ISO/IEC 17024 plus ANAB-Akkreditierung, Markt-Anerkennung 3/3 in globalen Stellenausschreibungen. Substanz solide bei 5/6: Pflege regelmäßig aktualisiert, Praxis-Nachweis 2/3, weil der Pflicht-Endorsement-Prozess durch Bestandsmitglieder keine praktische Lab-Prüfung ersetzt.

Matching NICE roles

Systems Security Management Executive Cybersecurity Leadership Cybersecurity Architecture Enterprise Architecture Secure Software Development Secure Systems Development Software Security Assessment Systems Requirements Planning Systems Testing and Evaluation Technology Research and Development

Mapping from NIST NICE Framework SP 800-181, status 2025. NIST source ↗

About the provider

About ISC2

ISC2 (vormals (ISC)²) ist eine 1989 gegründete, gemeinnützige Standardisierungs-Organisation für Cybersecurity-Zertifizierungen mit Sitz in Florida und über 600.000 Mitgliedern weltweit. Die Cert-Familie (CISSP, CCSP, SSCP, HCISPP) ist nach ISO/IEC 17024 akkreditiert; die jährliche AMF (125 USD) deckt alle ISC2-Zertifizierungen gemeinsam ab. ISC2 betreibt zusätzlich ein eigenes Continuing Professional Education (CPE)-Programm zur Aufrechterhaltung der Mitgliedschaft.

More certifications

From ISC2

CCISC2 Certified in Cybersecurity CCSP(ISC)2 Certified Cloud Security Professional HCISPPHealthCare Information Security and Privacy Practitioner ISSAPInformation Systems Security Architecture Professional ISSEPInformation Systems Security Engineering Professional ISSMPInformation Systems Security Management Professional SSCP(ISC)2 Systems Security Certified Practitioner

In Leadership

CCISOEC-Council CISMISACA ISSMPISC2

This page follows CertMap methodology: editorial content is curated by hand. Score, costs and NICE mapping are aggregated from official provider documents. Score methodology → · TCO methodology →

Transparency: CertMap is operated by Daniel Thomas Heessel, who is also managing director of Threat‑Informed, a company specialising in Threat‑Informed Defense. He additionally offers consulting services on CertMap. CertMap currently receives no commissions from certification providers, no affiliate links, no sponsored placements. Podcast and interview guests are not paid for appearances and receive no affiliate commissions.

From the knowledge base

View all articles →

Methodology

About the CertMap editorial team

CertMap is an independent platform for comparing cybersecurity certifications, built on data-journalism standards that combine editorial curation with mechanical aggregation.

3 min read

Fundamentals