CCISO Exam Information

Exam Information

Please see the exam blueprint. In order to earn the CCISO, every applicant must pass the exam covering all 5 CCISO domains, regardless of experience in each domain. The exam consists of 150 multiple-choice questions administered over a two and a half hour period. The questions on the exam require extensive thought and evaluation.

About the Exam

There are three cognitive levels tested on the CCISO exam but only two tested on the EISM exam:

  • Level 1 – Knowledge: This cognitive level of questions is used to recall memorized facts. This is the most basic cognitive level rarely accepted on certifications as it merely recognizes the candidate’s ability to memorize information. It can be effectively used when asking for basic definitions, standards or any concrete fact. This level appears on both the CCISO and EISM exam.
  • Level 2 – Application: This cognitive level of questions is used to identify the candidate’s ability to understand the application of a given concept. It differs from Knowledge based questions in the sense that it requires the understanding and correct applicability of a given concept – not just the concept itself. This type of question often quires additional context before the actual question is provided in the stem. This level appears on both the CCISO and EISM exam.
  • Level 3 – Analysis: This cognitive level of questions is used to identify the candidate’s ability to identify and resolve a problem given a series of variables and context. Analysis questions differ greatly from Application based questions in the sense that they require not only the applicability of a concept but also how a concept, given certain constrain can be used to solve a problem. This level appears on the CCISO and not on the EISM exam.


Exam Format : Multiple Choice

  • Total number of questions : 150
  • Exam duration : 2.5 Hours

Passing Score

In order to maintain the high integrity of our certifications exams, EC-Council Exams are provided in multiple forms (I.e. different question banks). Each form is carefully analyzed through beta testing with an appropriate sample group under the purview of a committee of subject matter experts that ensure that each of our exams not only has academic rigor but also has “real world” applicability. We also have a process to determine the difficulty rating of each question. The individual rating then contributes to an overall “Cut Score” for each exam form. To ensure each form has equal assessment standards, cut scores are set on a “per exam form” basis. Depending on which exam form is challenged, cut scores can range from 60% to 85%.

Are you Ready to be a CCISO?

Subscribe to the CISO Podcast

Listen on Apple Podcasts
Listen on Stitcher
Listen on Spotify
RSS Feed

CCISO Body of Knowledge

CISO book

The EC-Council CCISO Body of Knowledge covers all five of the CCISO Information Security Management Domains in depth and was written by seasoned CISOs for current and aspiring CISOs.

Get your copy today

Featured Whitepaper