CISO FAQ

1. What is the CCISO Program?

A. The Certified Chief Information Security Officer program is the first of its kind certification that recognizes an individual’s accumulated skills in developing and executing an information security management strategy in alignment with organizational goals. C|CISO equips information security leaders with the most effective toolset to defend organizations from cyber-attacks. To rise to the role of the CISO, strong technical knowledge, and experience is more imperative now than ever before but it must be accompanied by the ability to communicate in business value. C|CISOs understand that their information security decisions often have a direct impact on their organization’s operational cost, efficiency, and agility. As organizations introduce new technologies, C|CISOs will develop and communicate a strategy to avoid the potential risks stemming from their implementation to the organization’s operations.

2. How do I apply for the CCISO Exam?

A. In order to qualify to take the CCISO Exam, applicants must fill out the CCISO Exam Eligibility Application found here. Applications should be emailed to [email protected]. If the applicant is attempting the exam without taking EC-Council Authorized Training, five years of experience in each of the five CCISO Domains is required (experience can be overlapping) and a $100 application fee is due with the application. If an applicant has purchased EC-Council Authorized Training, there is no application fee due and only five years of experience in three of the five domains is required. For more information, please see https://ciso.eccouncil.org/cciso-certification/.

3. How long does it take to process the CCISO Exam Eligibility Application?

A. Application processing time varies due to the fact that part of the process involves reaching out to verifiers indicated by the applicants as able to verify their experience. In order to speed up this process, applicants can assist the application processing team by reaching out to their verifiers to ensure they have received the required forms from EC-Council and understand what is required. Applications from students in EC-Council Authorized Training are prioritized and expedited in order to ensure testing can occur at the time of the class if the student desires.

4. What are the five CCISO Domains?

A. The five CCISO Domains are:

1. Domain 1 – Governance, Risk, Compliance

2. Domain 2 – Information Security Controls and Audit Management

3. Domain 3: Security Program Management & Operations

4. Domain 4: Information Security Core Competencies

5. Domain 5: Strategic Planning, Finance, Procurement, and Third-Party Management

5. Five years of experience is required in each of the five CCISO Domains (self-study). Does that mean 25 years of experience is required?

A. No! In most high-level information security management jobs, each of the 5 CCISO Domains is part of each day. The five years can and usually do overlap.

6. How do I know if I’m ready to take the CCISO Exam?

A. You can take our assessment exam! Test Your Knowledge Here!

7. What if I don’t have five years of experience in three of the five CCISO domains? Does that mean I can’t take the CCISO training?

A. No! If you do not meet the minimum requirements for the CCISO Exam, that doesn’t mean you can’t take training. Anyone can take the CCISO course, but only those who qualify to take the CCISO Exam will be issued an exam voucher. Students who do not have the years required can take the EC-Council Information Security Manager (EISM) exam after CCISO training.

8. What is the EC-Council Information Security Manager (EISM) program?

A. The EISM program allows students who are not yet qualified to sit for the CCISO exam to take the training course and attain an EC-Council certification. EISMs may apply for the CCISO Exam once they have acquired the years of experience. The eligibility application fee is waived and EISMs will receive a 50% discount from the normal CCISO Exam price.

9. What are the EC-Council Authorized Training options?

A. CCISO training is available at:

– In-person training is available at EC-Council events (www.hackerhalted.com) and others listed under the training section of this page: https://ciso.eccouncil.org/cciso-certification/.

– Online via our iClass program. Options for self-paced and live online are available. Click here for more information!

– In-person training via our Accredited Training Center network! Fill out the form found here to find a training center in your area: https://www.eccouncil.org/Training.

10. How do I know if C|CISO is for me?

A. C|CISO is the right choice for you and your career if you:

– Aspire to attain the highest regarded title within the information security profession – CISO

– Already serve as an official CISO

– Or perform CISO functions in their organization without the official

11. I am an HR manager. Why should I hire a C|CISO?

A. C|CISO will give you assurance that the certified professional possesses the necessary skills to identify factors that pose risk to the successful operation of your organization and develop and implement technical, operational, and procedural safeguards to manage those risk factors. C|CISOs are the leadership force that will protect your organization from unwanted and costly security breaches by designing information security programs and leading a team of information security professionals.

12. How long is the CCISO certification valid?

A. Your C|CISO certification is valid for a period of three years.

13. What do I need to do to renew my certification?

A. To renew your certification you must satisfy the Continuing Education requirements and remit a renewal fee of $100.00 (USD).

14. I have more questions.

A. We would love to help! Contact us at [email protected] or +1-505-341-3228 for answers!

Are you Ready to be a CCISO?

Subscribe to the CISO Podcast

apple podcasts badge 165x40 1 - CISO FAQ
listen on Stitcher badge - CISO FAQ
spotify podcast badge blk grn 165x40 1 - CISO FAQ
reader 164x40 2 1 - CISO FAQ

CCISO Body of Knowledge

CISO book - CISO FAQ

The EC-Council CCISO Body of Knowledge covers all five of the CCISO Information Security Management Domains in depth and was written by seasoned CISOs for current and aspiring CISOs.

Get your copy today

Featured Whitepaper

Request the CCISO Exam Application!

Apply Today!