CCISO Qualification Requirements

There are three paths to attaining the CCISO designation:

    1. Self Study

    This option is available to individuals who possess the requisite Information Security Management experience. Self study candidates must submit the Exam Eligibility Application proving they have at least five years of experience in each of the five CCISO domains. After a candidate’s application has been approved, they may purchase a Pearson VUE voucher in order to take the CCISO Exam. Credit toward experience is granted in certain domains in the case of industry-accepted, professional certifications and higher degrees in information security as shown below. Between certification and training waivers, applicants can only waive 3 years of experience for each domain.

    Waivers by domain:

    1. Governance (Policy, Legal & Compliance)
       Professional Certification Waivers: CGEIT, CRISC, HISP – 2 years
       Education Waivers: Ph.D. Information Security – 3 years, MS Information Security Management, MS Information Security Engineering – 2 years, BS Information Security – 2 years

    2. IS Management Controls and Auditing Management (Projects, Technology & Operations)
       Professional Certification Waivers: CISA, CISM, HISP – 2 years
       Education Waivers: Ph.D. Information Security – 3 years, MS Information Security Management, MS Information Security Engineering – 2 years, BS Information Security – 2 years

    3. Leadership – Projects & Operations
       Professional Certification Waivers: PMP, ITIL, PM in IT Security, HISP – 2 years
       Education Waivers: Ph.D. Information Security – 3 years, MS Information Security or MS Project Management – 2 years, BS Information Security – 2 years

    4. Information Security Core Competencies
       Professional Certification Waivers: CISSP, LPT, E|DRP, CIPP, MBCP – 2 years
       Education Waivers: Ph.D. Information Security – 3 years, MS Information Security – 2 years, BS Information Security – 2 years

    5. Strategic Planning & Finance
       Professional Certification Waivers: None
       Education Waivers: CPA, MBA, M. Fin. – 3 years

    Visit https://www.hispi.org/index.php to learn more about the HISP Certification Program.

    2. Training

    This option is open to anyone interested in taking CCISO training. Official CCISO Training is required for applicants who do not meet the requirement for self-study (above). Once training has been completed, applicants who would like to sit for the CCISO Exam will be required to fill out and return the Exam Eligibility Application proving that in addition to the training, they also have 5 years of IS management experience in 3 of the 5 CCISO Domains. Once that application has been approved, instructions for purchasing a Pearson VUE voucher will be issued. Applicants who do not meet these requirements have the option of sitting for the EC-Council Information Security Manager (E|ISM) exam as part of the Associate CCISO Program.

    3. EISM The Associate CISO Program

    This option is available to candidates who do not yet possess the required years of experience for either the self-study or training options. Associate CCISOs may sit for official CCISO training and then take and pass the EC-Council Information Security Manager (EISM) exam to enter the program at the associate level. Once the requisite years of experience have been completed, Associate CCISOs may take the full CCISO exam and earn the full certification at a discounted price.
