As technology evolves and organizations face new challenges in securing information against ever-increasing threats, there are certified professionals who are trained and specialized to help us achieve our security goals. CISSP (Certified Information Systems Security Professional) is one such highly acclaimed certification focused on computer system security.
ISSAP, which stands for Information Systems Security Architecture Professional, is an application of CISSP. Both certifications are directed by the International Information Systems Security Certification Consortium, (ISC)². This certification is for network security experts with a minimum of two years of architecture experience. Only those with an outstanding CISSP compliance record are able to sit for the exam. It can be considered a formal recognition of high expertise in Information Security Architecture. These professionals are placed in key roles and generally design, develop and analyze a complete security plan.
Who Should Earn the ISSAP Certification?
Typically, ISSAP certification is for CISSP-certified experts working in positions such as, but not limited to, the following:
Chief Information Security Officer
Chief Technology Officer
What are the ISSAP Domains?
The ISSAP Exam tests a candidate’s knowledge in the following six domains:
1. Access Control Systems and Methodology
Access Control Concepts, Techniques, and Methodologies
Access Management Architecture
2. Communications and Network Security
Communications and Networks
Security Design Considerations and Related Risks
3. Cryptography
Requirements of Cryptography
Cryptographic Design Considerations and Limitations
Key Management Lifecycle
Integrated Cryptographic Solutions (Public Key Infrastructure (PKI), API selection, etc)
4. Security Architecture Analysis
Security Architecture Approach
Security Architecture – Verifying and Validating Design
5. Technology Related Business Continuity Planning (BCP) and Disaster Recovery Planning (DRP)
Business Impact Analysis (BIA) (e.g., legal, financial, stakeholders)
Security Strategies for Availability and Recovery
Continuity and Recovery Solution
6. Physical Security Considerations
Integration of Physical Security Products and Systems
Evaluation of Solutions
What Skills are Tested by the ISSAP Exam?
The ISSAP exam will verify your skills by testing your ability to:
* Develop an architecture that ensures reliability and safety of the information systems design of an organization.
* Classify and install physical access controls, allowing your organization’s information security model to detect, prevent and respond to any suspicious activity.
* Understand and explain how cryptography can protect organizational data and communication from external and internal threats, and implement it.
* Choose products for organizational communication in accordance with its policies and standards, and implement and monitor for optimal performance.
* Understand and identify adverse events that may result in threatening the normal functioning of the organization.
* Apply soft and hard concepts to access control methodologies.
What is involved with the ISSAP Exam?
The table below shows details of the ISSAP Exam in brief:
Length of Exam: 3 Hours
Exam Format: Multiple Choice Questions
Number of Questions: 125
Passing Grade: 700 out of 1000
Test Center: Pearson Vue Testing Center
How do I Register for an ISSAP Exam?
To register yourself for an ISSAP Exam, carry out the following steps:
Select test location and date
Create a contact login
Accept the terms and conditions
Complete the form online
Pay for the test online
Once your application is approved, your test documents will be emailed to you
What are the best ISSAP study resources?
Below are some study resources for ISSAP Exam Preparation:
Official (ISC)² Guide to the CISSP-ISSAP CBK Textbook
By now you know the basic details of the ISSAP exam. What you really need to prepare for is the exam itself, which is very tough. We have prepared some useful study tips that will help you prepare for the exam efficiently and in a short span of time. Let’s look at some of these tips.
* Make a study schedule. A study schedule will allow you to plan all study milestones and finish on time. It is important that you prepare all six domains in depth, and dividing your time into days or weeks for each domain will help you reach your targets. Circle your test date on your office calendar, or write it in a large font, so that you are constantly reminded of it.
* Prepare a summary. Note down all important points and make summary notes for yourself for later reference.
* Practice exam questions. This will help you develop an understanding of what a real exam is like. The more you practice, the more confident you will be while attempting the exam. You will also learn to divide your time evenly across all questions during the exam.
The ISSAP certification adds an extra badge of knowledge and experience for CISSP professionals. An ISSAP-certified architect plays a lead role in the IT security department and has responsibilities that lie at the upper managerial tier of the organization. This role not only requires vast knowledge and experience in technology, but is also closely related to the analytical aspect of information security. Currently there are fewer than one thousand CISSP-ISSAP certified individuals in the United States.