How to get CISSP-ISSAP certification

CISSP-ISSAP (Information Systems Security Architecture Professional) is a certification issued by (ISC)2.

CISSP (Certified Information Systems Security Professional) is another certification issued by (ISC)2 that is a pre-requirement for CISSP-ISSAP.

A certification that requires CISSP as a pre-requirement is called CISSP concentration.

There are three CISSP concentrations:

  1. CISSP-ISSAP: Architecture
  2. CISSP-ISSEP: Engineering
  3. CISSP-ISSMP: Management

This post is about how to get the CISSP-ISSAP certification.

Frequently Asked Questions (FAQ) about CISSP-ISSAP

What are the requirements to have CISSP-ISSAP certification?

In order to get CISSP-ISSAP, you need to have:

  1. Two years cumulative, paid work experience in one or more of the six domains of the CISSP-ISSAP Common Body of Knowledge (CBK)
  2. CISSP certification in good standing

You may have a look at the post in this blog that explains how to get and maintain CISSP certification.

Which subjects are asked in CISSP-ISSAP exam?

CISSP-ISSAP questions are based on 6 domains:

  1. Architect for Governance, Compliance and Risk Management
  2. Security Architecture Modeling
  3. Infrastructure Security Architecture
  4. Identity and Access Management (IAM) Architecture
  5. Architect for Application Security
  6. Security Operations Architecture

The official CISSP-ISSAP certification exam outline document contains a breakdown of these domains and their content.

What is the recommended material for exam preparation?

You can study using the (ISC)2 official study guide called “Official (ISC)2 Guide to ISSAP CBK“.

You can also check the recommended references for CISSP-ISSAP.

What is the recommended material for exam practice?

Unlike other (ISC)2 certifications (like CISSP, CCSP, etc.) there is no official test practice book.

Nevertheless, there are unofficial authors that have published books or e-books to practice exam questions, as for example:

There are also websites with dump questions. Some of them require an extra charge to allow you to have access to them. Just search for keywords “cissp-issap dump questions” on your favourite search engine.

Is there formal training available?

As of 2021, official (ISC)2 self-paced training costs $1,646.70. It can be checked on this link.

There may also be unofficial training.

How much does the exam cost?

As of 2021, exam fee costs 555 EUR.

How is the CISSP-ISSAP exam?

CISSP-ISSAP takes up to 3 hours.

There are 125 multi-choice questions.

To pass the exam, you need to get a passing score of 700 out of 1000 points.

How do I apply for CISSP-ISSAP exam?

To register for the exam, go to ISC2 site at Pearson VUE and follow the registration steps.

Once I pass CISSP-ISSAP exam, how do I get CISSP-ISSAP certification?

Unlike other (ISC)2 certifications (like CISSP, CCSP, etc.), CISSP concentrations (like CISSP-ISSAP) does not require endorsement. More details here.

Are there study groups for CISSP-ISSAP?

There is no official CISSP concentrations study groups from (ISC)2. You may have a look at the (ISC)2 CISSP study group.

You may also have a look at the Certifications > “Exams” dashboard.

There is the “ISSAP Study Group” at LinkedIn.

Are there testimonials of people who passed the exam?

You can have a look at:

  • Jasperuk’s post at (ISC)2 exam discussions.
  • ioannism’s post at (ISC)2 exam discussions.
  • “ISSEP vs ISSAP” discussion

Are there alternatives to CISSP-ISSAP certification?

If you are looking for alternative security architecture certifications, you may have a look at GIAC Defensible Security Architecture (GDSA).

How many people in the world have achieved CISSP-ISSAP?

Have a look at the (ISC)2 Member Count.

External references

Leave a Reply

Your email address will not be published. Required fields are marked *