How to Renew Your CISSP Certification: Requirements and Process


Last Updated On: June 4, 2024

Earning that CISSP title is no easy feat. If you've landed here, chances are you've got the Certified Information Systems Security Professional (CISSP) badge, and that's no small accomplishment.

But here's a little reality check: Cybersecurity is an ever-evolving field. It doesn't just pause for anyone. While achieving CISSP status is commendable, ensuring it remains relevant is the next challenge. Given how quickly things shift in the tech world, maintaining that CISSP status isn’t just nice to have; it's essential.

If you're wondering how to navigate the renewal process, you're in the right spot. We’ll walk you through the CISSP renewal process, ensuring your certification remains a standout credential in the dynamic world of cybersecurity.

Shall we dive in?

Does CISSP need to be renewed?

Remember the grind to get that CISSP title? That wasn't just a few late-night study sessions. It involved hours of dedication, those in-depth CISSP training Masterclass sessions, and, let's not forget, the sheer determination you put in. No one handed you that badge on a silver platter; you truly earned it. But, like all good things in life, it needs maintenance.

Now, after all the hard work, there's the renewal phase. Given the time, effort, and, of course, the CISSP certification costs, you might be pondering, "Is renewal truly worth it?"

Here's the straightforward answer: Yes, it is, and here’s why.

Cybersecurity is like the weather: unpredictable and ever-changing. With fresh cyber threats emerging and innovative tech solutions being introduced, staying still isn't an option. Renewing your CISSP isn’t just about adding another tick to your resume.

It's your commitment to staying updated and ahead of the curve. It’s a nudge to both yourself and potential employers, signaling that you're in this for the long haul.

And don't for a second think the CISSP certification has lost its shine. It's still a globally recognized certificate in the cybersecurity realm. By ensuring it’s up-to-date, you're essentially guaranteeing that all the time, those long nights, and the investment you made keep bearing fruit in your professional trajectory.

How to renew your CISSP certification

After the uphill battle to clinch that CISSP certification, it's only logical to keep that ball rolling. This isn't just about retaining a title—it's about upholding your demonstrated skill and dedication in the field of cybersecurity. While renewal might feel like another step in a long journey, trust us, it's your pathway to sustained excellence.

Wondering how to keep that CISSP title shining bright? Let’s dive right in and dissect the details.

CISSP renewal period: The three-year cycle

How many years is a CISSP good for? Once you've clinched that CISSP certification, you've got a solid three years before it's time for a touch-up. However, this three-year span isn't just a break; it's a vibrant period filled with opportunities to continuously refine your expertise, keep up to date with fresh trends, and hone that edge in the cybersecurity landscape.

But why do you need to keep exerting effort after you snatched this coveted cybersecurity certificate? Because when that three-year mark rolls around, the renewal process isn't just about paperwork. It evaluates how effectively you've stayed engaged and updated in your field. 

If you've been proactive during this cycle, your CISSP renewal isn't just a formality—it's a testament to your relentless dedication and growth. So, while the badge might say you're certified for three years, consider this period as a challenge to prove that you're always at the top of your game.

The question is: During these three years, how do you demonstrate that you've remained actively involved and updated in your domain?

Well, that’s where Continuing Professional Education (CPE) credits come in. 

Earning CPE credits

Okay, let's get into the nitty-gritty. If you're in the CISSP game, you've probably heard about CPE credits. But what are they?

Simply put, CPE stands for Continuing Professional Education credits. Think of them as the 'brownie points' you earn for diving deeper into cybersecurity. While they sound bureaucratic, they’re honestly about keeping that professional edge sharp.

Why should you care? Well, CPEs are the golden tickets for CISSP renewal. They're how you prove that you're keeping up with the ever-changing landscape of cybersecurity and not just resting on your CISSP title.

CPEs are divided into two groups: A and B. Let’s break them down. 

  • Group A CPEs: This is where you roll up your sleeves and dig deep into the core of cybersecurity. Whether you're attending workshops about the latest cyber threats or mastering a new hacking tool, they’re a testament that you’re in the thick of the action.

  • Group B CPEs: These are like the cool electives in college. They're not directly tied to any of the cybersecurity domains, but they're valuable for personal growth. Maybe it’s a leadership seminar or a project management course; they help round out your expertise.

How to earn CPE Credits

We get it. CPEs sound intimidating. But don't fret. There are tons of ways to earn them, and they're not all dull-as-dishwater classroom sessions. Here are the different ways to earn these credits:

  • Educational Courses and Seminars: Yes, sometimes it's back to the classroom (virtual or real). But these aren't your high school math lessons. These courses and seminars discuss cutting-edge info, new techniques, and the latest threats in cybersecurity.

  • Teaching and Presentations: Got a flair for the dramatic? Okay, maybe not dramatic, but if you have insights to share, step up to the podium. Whether you're breaking down complex topics for newbies or presenting your findings to peers, it’s a win-win. You share knowledge and earn CPEs.

  • Get Published: If you love writing, this one's a no-brainer. Whether you're jotting down some groundbreaking security research or just sharing thoughts in an article, if it's in the world of cybersecurity, it counts.

  • Volunteer Your Time: Good Karma and CPEs? What a great combo to prove your skills. Get involved in projects, initiatives, or events tied to our cybersecurity world. Helping out not only feels good but also nudges your CPE counter up.

  • Self-Study and Webinars: Are you more of a self-paced learner? Don’t worry. You can dive into some curated self-paced courses or webinars. As long as it's enriching your cybersecurity knowledge, it counts.

  • Professional Organizations: Joining and actively participating in groups and organizations not only expands your network but, yes, you guessed it, earns you those sweet CPEs.

Documenting and reporting your CPE credits

It’s not just about earning CPEs; it’s about keeping track of them. If you don’t, all that hard work goes down the drain. Just as in the cybersecurity field, accuracy is paramount. It's vital to maintain a detailed and spot-on record of every CPE you earn. Think of it as the digital paper trail of your growth and dedication.

Luckily, we're not in the dark ages, and there's no need for hefty binders or messy spreadsheets. The ISC2 online portal is your go-to digital toolbox for CPE reporting. It's designed to streamline the process, ensuring your credits are in order and easily accessible.

Of course, just like in the financial world, audits are a thing here too. Occasionally, ISC2 might want a closer look at your CPEs. It's not personal, just standard procedure. But if you've been diligent, you've got nothing to worry about. Just ensure you can provide evidence of your CPE activities, like course transcripts, awarded diplomas, certificates, or receipts of attendance, if asked. 

Paying the annual maintenance fee (AMF)

So, after the hard work of earning and documenting your CPEs, there’s one more crucial element to consider in the CISSP renewal journey: the Annual Maintenance Fee. 

First off, the AMF isn't just some arbitrary charge. This fee allows ISC2 to keep refining and ensuring the CISSP certification remains current and top-notch in the ever-evolving world of cybersecurity. In essence, it helps maintain the value and prestige of your hard-earned certification.

The AMF costs $135 annually for CISSP holders, which isn’t too much compared to the prestige this certification gives. Just a word of advice: don't dally on this payment. Missing the AMF deadline could put your certification status in jeopardy. 

While there's a grace period if your certification goes into a ‘suspended’ status due to non-payment, continuous oversight might result in you parting ways with that CISSP title. Setting reminders or marking your calendar can save you from such hiccups.

Submitting the CISSP certification renewal application

Once you've clocked in those CPEs, diligently documented each of them, and settled your AMF, you're almost at the finish line. The final step? Submitting the CISSP Certification Renewal application.

First off, gather your essentials. You'll need to provide details about those CPE activities you've been diligently racking up. And like when you first got your certification, you must also fulfill the CISSP endorsement requirements. In other words, you need an endorsement from another ISC2 member. Additionally, gather any other documentation proving your continuous dedication and learning in the field.

Accuracy is key here. Before hitting that submit button, give everything a thorough once-over. Ensure every detail of every entry is spot-on. Remember, this is your professional standing we're talking about. Mistakes? We don't want those.

Here's a pro tip: The world of cybersecurity, as we all know, is fluid, and so is the process of renewing that precious CISSP certification. It might differ slightly based on the specific criteria and rules in place at the time. 

So, while you're on the ball with your details, also check the ISC2 website. Review the instructions, ensure you're up-to-date with new requirements, and only then make your move to submit.

CISSP renewal without CPE Credits

Let's be real: life happens. Maybe you were on an around-the-world adventure, or perhaps other commitments meant those CPEs took a backseat. If you find yourself at the CISSP renewal crossroads without a full deck of CPEs, don't hit the panic button just yet. There's a lifeline you can grab onto.

In certain circumstances, ISC2 will allow you to renew your CISSP without the standard CPE count. But there's a catch. It means you'll have to go through ISC2’s retake policy. Think of it as a refresher: a way to prove that your cybersecurity prowess is still top-notch, even without those extra credits in your arsenal.

How does this work? You'll have to sit for the CISSP certification exam again. While that sounds daunting, consider it an opportunity to solidify everything you've learned and experienced over the past few years. On top of that, it's a fantastic way to learn about the CISSP certification and its eight domains again.

What if your CISSP status expires?

So, amidst the hustle and bustle of life, you blinked, and suddenly, your CISSP status is sitting on the expired shelf. It happens to the best of us. But before the panic sets in, let’s talk about where to go. It’s not the end of your cybersecurity world; it’s just a tiny hiccup.

Let’s start with the implications. Letting your CISSP certification lapse means that, for a period, you're out of the elite circle of certified professionals. That title of honor you worked so hard for isn't shining beside your name anymore. And let's face it: in the cybersecurity domain, that certification means a lot.

But here's the silver lining. Your journey to regain that CISSP status might be easier than you think. There are pathways carved out, especially for those in your shoes. One way is by seeking certification reinstatement. This isn’t a magic button but more of a process where you show ISC2 that you still have the skills and expertise they expect from a CISSP pro. It might involve brushing up on some areas, perhaps even retaking that CISSP certification exam online, but you've done it once; you can ace it again!

However, the specifics can vary, especially with changes and updates in the ISC2 policies. So, make it a habit to check out their official site and familiarize yourself with the nitty-gritty details.

FAQs

Does CISSP Need To Be Renewed?

Yes, the CISSP certification needs to be renewed every three years. CISSP holders are required to earn and submit a minimum of 120 Continuing Professional Education (CPE) credits during their three-year certification cycle and pay an annual maintenance fee to keep their certification active and valid.

Does CISSP Expire After 3 Years?

No, the CISSP certification does not automatically expire after 3 years. However, to maintain the certification, holders must fulfill the renewal requirements by earning 120 CPE credits every three years and paying the annual maintenance fees to ISC2. Failure to meet these requirements can result in the certification becoming inactive.

How Long Is CISSP Good For?

The CISSP certification is valid for three years. Certification holders must renew their certification by earning Continuing Professional Education (CPE) credits and paying the Annual Maintenance Fee (AMF) to ISC2.

Renew with ease

Look, we all know the drill—CISSP isn't a one-and-done deal. From diving deep into cybersecurity nuances to those CPE credits and renewal process, it's a ride. But here's the thing: This very commitment sets you apart in the cyber realm.

If you need to retake the exam or brush up on your CISSP knowledge, Destination Certification can be your guide. We offer CISSP online training classes led by seasoned cybersecurity experts with extensive experience conducting CISSP classes and guiding numerous aspirants to secure their certification.

So, if you’re ready to continue your CISSP journey, we’ll be with you every step of the way. 


Rob Witcher

Rob is the driving force behind the success of the Destination Certification CISSP program, leveraging over 15 years of security, privacy, and cloud assurance expertise. As a seasoned leader, he has guided numerous companies through high-profile security breaches and managed the development of multi-year security strategies. With a passion for education, Rob has delivered hundreds of globally acclaimed CCSP, CISSP, and ISACA classes, combining entertaining delivery with profound insights for exam success. You can reach out to Rob on LinkedIn.
