This option is available to individuals who possess the requisite Information Security Management experience. Self study candidates must submit the Exam Eligibility Application proving they have at least five years of experience in each of the five CCISO domains. After a candidate’s application has been approved, they may purchase an exam voucher in order to take the CCISO Exam. Credit toward experience is granted in certain domains in the case of industry-accepted, professional certifications and higher degrees in information security as shown below. Between certification and training waivers, applicants can only waive 3 years of experience for each domain.
Domain | Education Waivers |
1. Governance, Risk, Compliance/td> | Ph.D. Information Security – 3 years, MS Information Security Management, MS Information Security Engineering – 2 years, BS Information Security – 2 years |
2. Information Security Controls and Audit Management | Ph.D. Information Security – 3 years, MS Information Security Management, MS Information Security Engineering – 2 years, BS Information Security – 2 years |
3. Security Program Management & Operations | Ph.D. Information Security – 3 years, MS Information Security or MS Project Management – 2 years, BS Information Security – 2 years |
4. Information Security Core Competencies | Ph.D. Information Security – 3 years, MS Information Security – 2 years, BS Information Security – 2 years |
5. Strategic Planning, Finance, Procurement, and Third-Party Management | CPA, MBA, M. Fin. – 3 years |
This option is open to anyone interested in taking CCISO training. Official CCISO Training is required for applicants who do not meet the requirement for self-study (above). Once training has been completed, applicants who would like to sit for the CCISO Exam will be required to fill out and return the Exam Eligibility Application proving that in addition to the the training, they also have 5 years of IS management experience in 3 of the 5 CCISO Domains. Once that application has been approved, instructions for purchasing a ECC Exam center voucher will be issued. Applicants who do not meet these requirements have the option of sitting for the EC-Council Information Security Manager (E|ISM) exam as part of the Associate CCISO Program.
This option is available to candidates who do not yet possess the required years of experience for either the self-study or training options. Associate CCISOs may sit for official CCISO training and then take and pass the EC-Council Information Security Manager (EISM) exam to enter the program at the associate level. Once the requisite years of experience have been completed, Associate CCISOs may take the full CCISO exam and earn the full certification at a discounted price.