The CISSP Endorsement Process: How to Validate Your Cybersecurity Expertise

Last Updated On: June 4, 2024

Did you just recently pass the CISSP exam? Congratulations! However, passing this rigorous test was just your warm-up act. There's another checkpoint ahead—the CISSP endorsement process. Think of it as the final seal of approval, the proverbial cherry on top that solidifies your CISSP stature.

Before you're officially given the CISSP certification, this endorsement checks that you have the knowledge and the real-world experience to wear that title. But don't fret; it's not as daunting as it sounds.

In this article, we'll walk you through this process and unwrap what lies in the endorsement lane. By the end, you'll be armed with everything you need to know about going through that one last step in getting that coveted cybersecurity certification.

CISSP Endorsement requirements

Before you begin with the endorsement process, there are a couple of boxes you've got to tick. Let's look at them:

  • Pass the CISSP exam: This is the most crucial prerequisite. You must pass the CISSP test to be able to start your endorsement process.
  • 5 years of security experience: You can satisfy one year of the CISSP experience requirements with a post-secondary degree (bachelor's or master's) or approved credential on the ISC2 approved list.
  • Endorsement form: You need to fill out a form before you begin the process.
  • An ISC2-certified professional in good standing: This member will affirm that what you've said about your professional experience is valid. You'll also need their member/certification number when completing the online form.

Once you've passed the test, you'll be given 9 months from your exam date to finish your endorsement process. If you don't finish in that time, your exam-passing status will be revoked, and you will need to retake the test.

Note: If you have taken the CISSP exam without security experience, you won't be awarded the CISSP certificate. Instead, you'll receive an Associate of ISC2 status and will be given 6 years to satisfy the work experience requirement. Don't worry; you'll still be able to reap some of the CISSP certification benefits, so your efforts are still worth it.

The Role of an ISC2 Endorser

The ISC2 endorser is essentially your CISSP "godparent." They're someone already holding an ISC2 certification, and they've got to be in the clear (think: no suspension or revocation). Their role is to vouch for the experiences you've filled out in your form.

The endorser is not just going to give a seal of approval and say you're awesome. They're affirming that what you've penned down about your professional stint in the security field is legit. In essence, they're putting their ISC2 reputation on the line for you. So, they better know you pretty well and trust that you're not fibbing.

Steps in the CISSP Endorsement Process

Once you've got your prerequisites in check, it's now time to start your CISSP endorsement process. Here's what your journey will look like:

  1. Submitting the Endorsement Application: After those victorious moments of passing the CISSP exam, your first pit stop is the endorsement application. Here, you'll detail your professional experience, and that's where your ISC2-certified buddy steps in to vouch for you. They basically need to sign their portion of the endorsement form.
  2. Verification of Work Experience: This is the point where ISC2 does a background scan. They'll take a magnifying glass to your claimed work experience, ensuring every detail aligns with their criteria. Honesty is the best policy here—after all, a robust security background is built on trust.
  3. Review by ISC2: Finally, once you've made your claims and they've verified them, the ISC2 team will have a final look. They'll review the entire endorsement application and decide if you're all set to receive the CISSP certification.
  4. Receiving Your Certification: Once the ISC2 team gives your endorsement the thumbs up, they won't keep you on tenterhooks. An email will swing by, confirming that you're now a certified CISSP.
  5. Pay Annual Maintenance Fee (AMF): After receiving the email, you'll need to pay the AMF for your new certification. Then, keep an eye out for the official certification kit in the mail. You're now a CISSP holder.

Reminder: A handful of people who clear the ISC2 exam and send over their certification applications might get a special invite for an audit. This selection is random. If you're one of the chosen few, you'll get the heads up via email.

CISSP Endorsement Timeframe

Once you've submitted your endorsement application, ISC2 typically takes up to 6 weeks to give you an update. This is their standard time to ensure they haven't missed any details and that you're genuinely fit for the certification.

Sometimes, things run a tad longer than expected. If you have yet to hear back after 8 weeks, it might be a good idea to reach out to ISC2. They're quite approachable and will update you on where things stand. Remember, patience is a virtue, but it doesn't hurt to give a gentle reminder!

What Happens If You Get Audited?

Let's get one thing straight: Being selected for an audit isn't a personal dig. It's somewhat the luck of the draw but also a part of ISC2's commitment to maintaining the integrity of the certification. They want to ensure that all CISSP holders truly meet the standards, keeping the title as well-respected as it should be.

If you get drawn for an audit, don't sweat it—you won't be asked about the CISSP certification anymore, so there is no need to review. Just follow the instructions provided by ISC2. You might be asked to furnish more detailed proof of your work experience or other related information. Be prompt, be honest, and remember—if you've got nothing to hide, you've got nothing to fear.

Maintaining Your CISSP Credential

So, you've secured that sought-after CISSP certification. Give yourself a pat on the back! But here's the thing—cybersecurity isn't a one-and-done deal. Just like the tech world never stops evolving, your credential needs some regular love and attention, too.

Here's a look at the CISSP renewal requirements explained briefly:

  • Continuing Professional Education (CPE) credits: These credits are a way to ensure CISSP professionals stay informed and updated. Think of them as learning milestones. Every so often, by attending workshops, webinars, or other educational opportunities, you'll earn these credits, validating that you're keeping pace with the industry's rapid evolution.
  • Renewal Timeframe: Every three years, it's time to renew that shiny CISSP badge. So, set those calendar reminders! As you approach the renewal date, ensure you've accumulated the necessary CPE credits and are ready to cover the renewal fee.
  • Annual Maintenance Fee: Yearly, you need to pay the AMF to keep your CISSP certification.

Frequently Asked Questions

How can I ensure my CISSP endorsement goes smoothly?

To ensure your CISSP endorsement goes smoothly, double-check that you've met all prerequisites. Ensure you have a valid (ISC)² member ready to endorse your experience. Also, be honest about your work experience; remember, they may verify. Lastly, gather all necessary documents beforehand and fill out the application meticulously.

Can any ISC2 member endorse me for my CISSP certification?

Yes, any active ISC2 certified member in good standing can endorse you. They'll vouch for your professional experience, confirming it's accurate to their knowledge.

Where do I submit my endorsement application?

The endorsement application is submitted online through the official (ISC)² website. Once logged in, you'll find clear instructions to guide you through the process.

Should I take CISSP or CCSP first?

The answer depends on what you're trying to prioritize in your cybersecurity career. If you're looking at management positions, CISSP is a good start. However, if you want to specialize in cloud security, CCSP is the way to go. This CISSP or CCSP first comparison guide will help you determine the best course of action.

Sealing the CISSP Deal: Your Roadmap to Success

Navigating the CISSP endorsement process might feel like its own journey, but with the right tools and guidance, it's one you're more than equipped to conquer. From passing the CISSP exam to ensuring every box is ticked for endorsement and ultimately basking in the pride of having that credential—it's a rewarding path to tread.

If you still haven't started your CISSP journey, let Destination Certification be your companion. We offer various CISSP training resources—from online training to helpful apps—that will help make your CISSP journey as seamless and successful as possible. We can also help answer common queries about this certification, like "Can I take CISSP exam online?" and much more.

So what are you waiting for? Take the leap now with Destination Certification for a brighter and better cybersecurity future.

Rob Witcher

Rob is the driving force behind the success of the Destination Certification CISSP program, leveraging over 15 years of security, privacy, and cloud assurance expertise. As a seasoned leader, he has guided numerous companies through high-profile security breaches and managed the development of multi-year security strategies. With a passion for education, Rob has delivered hundreds of globally acclaimed CCSP, CISSP, and ISACA classes, combining entertaining delivery with profound insights for exam success. You can reach out to Rob on LinkedIn.