Exam Objectives:
The Information Systems Security Management Professional (ISSMP) exam is designed to test the candidate's knowledge and skills in managing and leading information security programs. The exam covers six domains:
- Leadership and Business Management
- Risk Management
- Security Program Management
- Security Compliance Management
- Contingency Management
- Lifecycle Management
These domains are based on the International Information System Security Certification Consortium (ISC2) ISSMP Common Body of Knowledge (CBK). The ISSMP CBK defines the knowledge, skills, and abilities that an information security manager must possess to effectively manage information security programs.
Exam Details:
The ISSMP exam is a computer-based test consisting of 125 multiple-choice questions. Candidates are given 3 hours to complete the exam. The exam is administered by Pearson VUE, a third-party testing provider. The cost of the exam varies by country, but it is typically around $699 USD for ISC2 members and $899 USD for non-members.
The passing score for the ISSMP exam is 700 out of 1000 points. Candidates who pass the exam will receive the ISSMP certification, which is valid for three years. To maintain the certification, candidates must earn Continuing Professional Education (CPE) credits and pay an annual maintenance fee.
The ISSMP exam is delivered in a computer-based format, and candidates can take the exam at any Pearson VUE testing center worldwide. Candidates must register and pay for the exam through the ISC2 website.
Related Books:
- Official (ISC)2 Guide to the CISSP-ISSMP CBK by Joseph Steinberg
- Certified Information Systems Security Professional – ISSMP Exam Guide by Harold F. Tipton and Steven Hernandez
- Information Security Governance Simplified: From the Boardroom to the Keyboard by Todd Fitzgerald and Thom Langford
- Security Metrics, A Beginner's Guide by Caroline Wong
- CISO Desk Reference Guide: A Practical Guide for CISOs by William F. Slater, III and Walter S. Kowalczyk
These books provide in-depth coverage of the ISSMP CBK domains and can help candidates prepare for the exam. ISC2 also provides study materials, including online courses and study guides, on their website.
Passing the ISSMP exam requires a solid understanding of the six domains and the ability to apply that knowledge to real-world situations. Candidates should have experience in managing and leading information security programs, as well as knowledge of the technical aspects of information security. With proper preparation and study, candidates can pass the ISSMP exam and earn the ISSMP certification.