As technology is evolving and organizations face new challenges to secure information from the ever increasing threats, there are certified professionals who are trained and specialized to help us achieve our security goals. CISSP (Certified Information Systems Security Professional) is one such highly acclaimed certification focused on computer system security.

ISSAP, which stands for Information Systems Security Architecture Professional, is an application of CISSP. Both certifications are directed by the International Information Systems Security Certification Consortium (ISC). 2 This certification is for network security experts with a minimum of two years of architecture experience. Only those with an outstanding CISSP compliance record are able to sit for the exam. It can be considered as a formal recognition of high expertise in Information Security Architecture. These professionals are placed at key roles and generally design, develop and analyze a complete security plan.

Who Should Earn the ISSAP Certification?

Typically, ISSAP certification is for CISSP certified experts working for positions such as, but not limited to, the following:

  1. Chief Information Security Officer
  2. Chief Technology Officer
  3. Business Analyst
  4. System Architect
  5. Network Designer

What are the ISSAP Domains?

The ISSAP Exam tests a candidate’s knowledge in the following six domains:

1. Access Control Systems and Methodology

  • Access Control Concepts, Techniques, and Methodologies
  • Access Management Architecture

2. Communications and Network Security

  • Communications Architecture
  • Network Architecture
  • Communications and Networks
  • Security Design Considerations and Related Risks

3. Cryptography

  • Requirements of Cryptography
  • Usage
  • Cryptographic Design Considerations and Limitations
  • Key Management Lifecycle
  • Integrated Cryptographic Solutions (Public Key Infrastructure (PKI), API selection, etc)

4. Security Architecture Analysis

  • Security Architecture Approach
  • Requirements Analysis
  • Security Architecture – Verifying and Validating Design

5. Technology Related Business Continuity Planning (BCP) and Disaster Recovery Planning (DRP)

  • Business Impact Analysis (BIA) (e.g., legal, financial, stakeholders)
  • Security Strategies for Availability and Recovery
  • Continuity and Recovery Solution

6. Physical Security Considerations

  • Assessing Requirements
  • Integration of Physical Security Products and Systems
  • Evaluation of Solutions

What Skills are Tested by the ISSAP Exam?

The ISSAP exam will verify your skills by testing your ability to:

* Develop an architecture that ensures reliability and safety of the information systems design of an organization.

* Classify and install physical access controls, allowing your organization’s information security model to detect, prevent and respond to any suspicious activity.

* Understand and explain how cryptography can protect organizational data and communication from external and internal threats, and your ability to implement it.

* Choose products for organizational communication in accordance with its policies and standards, and implement and monitor for optimal performance.

* Understand and identify adverse events that may result in threatening the normal functioning of the organization.

* Apply soft and hard concepts to access control methodologies.

What is involved with the ISSAP Exam?

The table below shows details of the ISSAP Exam in brief:

  • Length of Exam: 3 Hours
  • Exam Format: Multiple Choice Questions
  • Number of Questions: 125
  • Passing Grade: 700 out of 1000
  • Language: English
  • Test Center: Pearson Vue Testing Center

How do I Register for an ISSAP Exam?

To register yourself for an ISSAP Exam, carry out the following steps:

  1. Select test location and date
  2. Create a contact login
  3. Accept the terms and conditions
  4. Complete the form online
  5. Pay for the test online
  6. Once application is approved, your test documents will be emailed to you

CISSP Instant Pricing- Resources

What are the best ISSAP study resources?

Below are some study resources for ISSAP Exam Preparation:

  • Official (ISC)² Guide to the CISSP-ISSAP CBK Textbook
  • Official (ISC)² Training Seminar
  • http://www.cl.cam.ac.uk/~rja14/book.html

Exam outline

  • Shon Harris CISSP All-in-One Exam Guide, 6th Edition
  • Security Engineering: A Guide to Building Dependable Distributed Systems, 2nd Edition
  • http://blog.jakeeliasz.com/2013/08/12/cissp-issap-loose-notes/
  • http://blog.jakeeliasz.com/2013/10/15/cissp-issap-mindmap/

Study Tips for the ISSAP Exam

You already know all basic details about the ISSAP exam by now. But what you really need to prepare yourself for is a very tough exam in itself. We have prepared some useful study tips that will help you prepare for the exam efficiently and in a short span of time. Let’s look at some of these tips.

* Make a study schedule. A study schedule will allow you to plan all study milestones and finish on time. It is important that you prepare all six domains in depth, and dividing your time into days or weeks for each domain will help in easily achieving the targets. Encircle your test date on your office calendar or use a large font to constantly get reminders.

* Prepare a summary. Note down all important points and make summary notes for yourself for later reference.

* Practice exam questions. This will help you develop an understanding of how a real exam is. The more you practice, the more confident you will be while attempting the exam. You will also learn to divide your time evenly for all questions during the exam.

Conclusion

The ISSAP certification adds an extra badge of knowledge and experience for CISSP professionals. An ISSAP certified architect plays a lead role in the IT security department and has responsibilities that lie at the upper managerial tier of the organization. This role not only requires vast knowledge and experience in technology, but is also closely related to the analytical aspect of information security. Currently there are only less than one thousand CISSP-ISSAP certified individuals in the United States.

Be Safe

Section Guide

Ryan
Fahey

View more articles from Ryan

Earn your CISSP the first time with InfoSec Institute and pass your exam, GUARANTEED!

Section Guide

Ryan
Fahey

View more articles from Ryan