There are three paths to attaining the CCISO designation:
Self Study
This option is available to individuals who possess the requisite Information Security Management experience. Self study candidates must submit the Exam Eligibility Application proving they have at least five years of experience in each of the five CCISO domains. After a candidate’s application has been approved, they may purchase an exam voucher in order to take the CCISO Exam. Credit toward experience is granted in certain domains in the case of industry-accepted, professional certifications and higher degrees in information security as shown below. Between certification and training waivers, applicants can only waive 3 years of experience for each domain.
Waivers for the CCISO are available to Self Study Candidates
Domain | Education Waivers |
1. Governance, Risk, Compliance/td> | Ph.D. Information Security – 3 years, MS Information Security Management, MS Information Security Engineering – 2 years, BS Information Security – 2 years |
2. Information Security Controls and Audit Management | Ph.D. Information Security – 3 years, MS Information Security Management, MS Information Security Engineering – 2 years, BS Information Security – 2 years |
3. Security Program Management & Operations | Ph.D. Information Security – 3 years, MS Information Security or MS Project Management – 2 years, BS Information Security – 2 years |
4. Information Security Core Competencies | Ph.D. Information Security – 3 years, MS Information Security – 2 years, BS Information Security – 2 years |
5. Strategic Planning, Finance, Procurement, and Third-Party Management | CPA, MBA, M. Fin. – 3 years |
Training
This option is open to anyone interested in taking CCISO training. Official CCISO Training is required for applicants who do not meet the requirement for self-study (above). Once training has been completed, applicants who would like to sit for the CCISO Exam will be required to fill out and return the Exam Eligibility Application proving that in addition to the the training, they also have 5 years of IS management experience in 3 of the 5 CCISO Domains. Once that application has been approved, instructions for purchasing a ECC Exam center voucher will be issued. Applicants who do not meet these requirements have the option of sitting for the EC-Council Information Security Manager (E|ISM) exam as part of the Associate CCISO Program.
Live Training Schedule
The Associate CISO Program
This option is available to candidates who don’t have the required years of experience for the self-study or training options. To qualify as Associate C|CISOs, candidates attend training and are provided access to the C|CISO Body of Knowledge. This instructional guidance provides a roadmap to inform candidates’ career decisions, helping them gain the experience they need to attain the C|CISO title. Once candidates have gained the required experience, they are allowed to take the C|CISO examination and earn the full C|CISO certification upon passing it.
CCISO Qualification Options
Exam Requirements
- In order to qualify to sit for the CCISO Exam without taking any training, candidates must have five years of experience in each of the 5 CCISO domains verified via the Exam Eligibility Application.
- To sit for the exam after taking training, candidates must have five years of experience in three of the five CCISO Domains verified via the Exam Eligibility Application.
- In case there’s a gap in the 5-year experience requirement to qualify for C|CISO, candidates can still apply for the training through the Associate-C|CISO. The Associate-C|CISO offers a provision to candidates to apply for the leadership training with a minimum of 2 years of technical or management experience in any 1 of the C|CISO domains