Skip to content


Changes to the CISSP and SSCP Exams from April 15, 2015

In order to keep their certifications relevent to changes and trends in the information security arena, (ISC)2 have announced changes to their CISSP and SSCP exam content.

Effective April 15, 2015, the CISSP and SSCP exams will be based on new and revised security-related domains. The revised exams will cover the following domains:

CISSP Domains

  • Security and Risk Management (Security, Risk, Compliance, Law, Regulations, Business Continuity)
  • Asset Security (Protecting Security of Assets)
  • Security Engineering (Engineering and Management of Security)
  • Communications and Network Security (Designing and Protecting Network Security)
  • Identity and Access Management (Controlling Access and Managing Identity)
  • Security Assessment and Testing (Designing, Performing, and Analyzing Security Testing)
  • Security Operations (Foundational Concepts, Investigations, Incident Management, Disaster Recovery)
  • Software Development Security (Understanding, Applying, and Enforcing Software Security)

SSCP Domains

  • Access Controls
  • Security Operations and Administration
  • Risk Identification, Monitoring, and Analysis
  • Incident Response and Recovery
  • Cryptography
  • Networks and Communications Security
  • Systems and Application Security

After April 15th, 2015, candidates who already hold either the CISSP or the SSCP will be required to submit their CPE’s (Continuing Professional Education) credits in alignment with the new exam domains.

For more details refer to the (ISC)2 FAQ page concerning the exam changes, here.

Posted in CISSP, Exams, ISC2, SSCP.


0 Responses

Stay in touch with the conversation, subscribe to the RSS feed for comments on this post.



Some HTML is OK

or, reply to this post via trackback.