Real life experience combined with the classroom teaching did the trick for me (to pass the exam). As such you can’t memorize the entire CBK and will have to rely on your knowledge base. Bear in mind that you only have 4 hours for the test and in order to successfully complete the 250 questions, you will have to know the answer to the majority of the questions without thinking. I expected the exam to be hard because parts of it is CISSP level, some parts are CISM/CISSP-ISSMP level combined with the security program management part which is core C|CISO BOK and with only four hours and 250 questions, there wouldn’t be time for second thoughts on the answers. Therefore, when preparing, it was difficult because you could answer all questions when training, however, would you be able to do so during the test, under time pressure, and where you had to rely on your judgement and avoid second thoughts on the answers. However, the difficulty level of the questions was perfect, it was the time pressure and that you are forced to rely on your first answer that made it difficult. I believe that it was a perfect test as this is often how the CISO have to deal with questions during work hours. When the company experiences a security incident, a disaster, or a cyber attack, the CISO has to make decisions, take leadership and decide quickly, similar to the test.

I hold the following certifications: CISSP, GICSP, ISO27000 LI, CISM, CCSK. The C|CISO is the only certification which targets the CISO role. The CISSP is quite technical, but not that deep into the different areas. Other certifications, such as CISM, ISO27000LE, GICSP, and CCSK dig deeper into various parts of security management or the management task itself. Many of the other certifications often explain the pros/cons about having a central controlled security program versus a de-central program – without really explaining what this means. The C|CISO certification, however, is the only education, at least that is how I see it, that targets program management, security program management, business cases, stakeholder management, organization, and so forth. Therefore, the certification is brilliant when it comes to consultants that deliver CISO-as-a-Services or who deal with global operating companies as they often have quite a complex security program with many local or regional regulations to comply with. The C|CISO program, with its focus on the many different standards, has helped me in understanding large complex companies better. Because of this, the door to CISO roles in large multinational companies is now within reach.

The C|CISO program has helped me in creating better security programs as now I often find myself creating more than one security program. Today, we not only have the security program for the administrative part of the company, also the factory security now has its own security program. Regions, such as EU or the USA also quite soon will have its own program as it otherwise becomes too difficult, meaning expensive, to cover in one program.

I am one of the first Batch of CCIOS certified professionals. I have gone through the entire CCISO program which now directly relates to my current / previous job functions. CCISO Body of Knowledge will truly prepare me for a role as a leader in InfoSec filed. I am confident that I will be using almost everything I learned in the CCISO program. I am glad and CCISO is Great certification program for information security executives.

The CCISO Program will help me in understanding the importance of aligning the Engineering and Security governance structures more closely. The program supports my career goals by increasing my understanding that the CISO goals and objectives should be aligned with those of the organization. The instructor was great!

The CCISO program will improve my ability to translate technical security issues to none technical leaders. My next career goal is to become CISO in a medium to larger organization. The CCISO program is absolutely in line with my career plans. The best part of the class was the information exchange with the other students.

I consider the CCISO Program to be a logical information building block to my CISM and CRISC. The perspective at the CISO level is important to understand in my current position. My career goal is to continue supporting the DoD CIO and I needed to understand this perspective on information security to better support my support of the DoD CIO.