Understanding the CISSP Exam Schedule: Duration, Format, Scheduling and Scoring (Updated for 2019)

July 1, 2019 by Graeme Messina


The certified information systems security professional (CISSP) qualification is one of the many elite certifications offered by (ISC)2. The CISSP is seen by many in the industry as one of the most sought-after certifications available today. It is a vendor-neutral qualification that encourages candidates to design, create, and deploy security systems and protocols within the organization.

What makes this qualification even more prestigious is that you must have a minimum of five years of cumulative, paid full-time work experience relating to two or more of the eight domains in the exam. Having a four-year college degree or regional credential from (ISC)2 will reduce the required experience by one year.

The CISSP exam can be thought of as a tool to measure your ability to mitigate risk and increase security, while performing other IT security-related tasks, such as managing information systems and implementing security procedures. The fact that the CISSP is globally recognized means successful candidates will find ample opportunities regardless of their location.

What Is the Goal of the CISSP Exam?

The goal of the CISSP exam is to test your technical skills, such as implementing and maintaining a security program, or any other tasks that would be performed by a security auditor, systems engineer, CISO, or security architect.

The exam will take you to the next level in your career by strengthening your skills, boosting your self-confidence, and expanding your technical knowledge. The CISSP is DoD 8759-approved and is listed in the categories of IAT Level III, IAM Level II, IAM Level III, IASAE I and IASAE II.

CISSP Exam Schedule, Duration and Format

The CISSP contains 100 to 150 multiple-choice and advanced innovative questions. Advanced innovative questions can take a couple of different forms:

  • Drag and drop—In this type of question, you need to drag one or more answers from one side of the screen into a box on the other side of the screen. Only drag the correct answer(s).
  • Hotspot—Hotspot questions require you to click on a specific point in a graphic representation, such as a diagram of network architecture. The question will usually ask you to identify where a particular component would be located or where a particular type of attack is likely to originate.

You will have three hours to complete the exam, which contains questions from eight domains:

·       Security and risk management 15%
·       Asset security 10%
·       Security architecture and engineering 13%
·       Communication and network security 14%
·       Identity and access management 13%
·       Security assessment and testing 12%
·       Security operations 13%
·       Software development security 10%

When to Schedule Your Exam

Scheduling will depend entirely on your level of preparedness for the CISSP exam. Give yourself time to study and complete as many practice questions as possible before taking the test.

When you are ready, you’ll need to schedule your exam through the Pearson VUE website. Register for an account, log in, and you’ll be presented with testing center and dates options. Note that this information is not available outside of the Pearson VUE website, and it is only available for those with a registered account.

Booking and Taking the Exam

To book the exam, follow these easy steps to make sure you satisfy all of the requirements:

  • Review the exam availability for each exam here.
  • Visit the Pearson VUE website.
  • Create an account and review the non-disclosure
  • Select the best test center for your location.
  • Select an appointment time.
  • Pay for the exam.
  • Keep your confirmation email.

After you complete the above steps, Pearson VUE will transfer your registration information to (ISC)2. You can also register via telephone; the contact numbers for Pearson VUE can be found here.

What Are the Identification Requirements for Testing?

When you arrive at the testing center, you’ll need to provide staff with at least two valid forms of identification. The following ID options are acceptable:

  • A valid state-issued driver’s license
  • A valid state-issued ID card
  • A valid military ID
  • A valid passport
  • A valid green card or resident card

More information regarding the types of acceptable identification for this exam can be found here.

What’s the Exam Arrival Process Like?

Plan to arrive at least 30 minutes before your examination is scheduled to begin. It is a good idea to familiarize yourself with the location of the exam center; make sure you are prepared for traffic and other factors that could affect travel time to the testing center. Arriving early also ensures that any identification issues or queries can be addressed without interfering with your certification attempt.

You will be photographed upon arrival and will have to leave all personal belongings outside of the testing room in a secure area. After you sign in, the test administrator will give you a short orientation and then lead you to your computer terminal.

What Are the Policies for Rescheduling, Late Arrivals and Cancellations?

Online cancellations and rescheduling must be done at least 48 hours before the scheduled examination time. Telephone cancellations and rescheduling must be completed at least 24 hours before the appointment. Pearson VUE charges a rescheduling fee of $50 USD and a cancellation fee of $100 USD. After this point, you must either write the exam or forfeit your registration fees.

If you arrive less than 15 minutes before the exam start time, you will be considered late. You will not be able to write the exam and will forfeit your examination fee. Candidates are expected to arrive at least 30 minutes before the exam is set to start. The person overseeing the exam will use his or her discretion when deciding whether or not a candidate may write the exam after arriving late. If you are turned away due to late arrival, your exam result will appear in the system as a no-show.

If You Fail the Test, When Can You Re-Take It?

If you do not pass the exam on your first attempt, you will have to wait 30 days before you can re-take the test. If you fail a second time, you will have a 90-day waiting period before you can take the exam again. Failing a third time requires a 180-day waiting period. You cannot attempt this exam more than three times in a calendar year, so it is vital that you are thoroughly prepared before booking and taking the test.

What Is the Cost of Taking the CISSP Exam?

The rates below are correct as of April 1, 2018, and may be subject to change. Please consult (ISC)2 if you have any questions regarding examination fees.

Americas and all regions not listed below:
CISSP Exam: $699

Asia Pacific:
CISSP Exam: $699

EMEA (Europe, Middle East, and Africa):
CISSP Exam: $699

United Kingdom – Standard Registration:
CISSP Exam: $699

Middle East – Standard Registration:
CISSP Exam: $699

Africa – Standard Registration:
CISSP Exam: $699

Rescheduling the exam costs 50 USD and cancelling the exam costs 100 USD. Further details regarding the 2017 examination pricing can be found here.

Scoring: What Does It Take to Pass the CISSP Exam?

The CISSP exam contains a minimum of 100 questions and a maximum of 150 questions. Candidates have three hours to complete the exam. (ISC)2 uses an advanced testing system called Computerized Adaptive Testing (CAT). The passing standard for the CAT version of the CISSP exam is identical to the old linear version, which is 700 out of 1000 points. You can download the CISSP exam outline here.

Candidates must rely not only on their study preparations for this certification, but also on their work experience. This is because many of the questions will have multiple correct answers but some answers will be more fitting than others in specific scenarios. The CAT method is designed to assess a candidate’s readiness and overall abilities and the questions that a candidate receives will be based on how he or she answers the preceding questions. An in-depth and detailed exam scoring guide can be found here.


The CISSP has been used as a benchmarking tool for cybersecurity experts in the field of information security for 30 years. It is a highly sought-after certification for any IT professionals who are looking to expand their skillsets and grow as security professionals. The exam requires extensive experience on the part of the test candidate, so sound knowledge and practical hands-on experience is required for anyone who decides to attempt the CISSP.

For more information on how you can get started earning your CISSP, visit the CISSP Boot Camp course page to learn about InfoSec Institute’s self-paced, mentored online, and instructor-led training options. InfoSec Institute’s instructors are well-recognized experts in the industry, teaching programs that boast a 93%+ pass rate, one of the highest in the industry!



Posted: July 1, 2019


We've encountered a new and totally unexpected error.

Get instant boot camp pricing

Thank you!

A new tab for your requested boot camp pricing will open in 5 seconds. If it doesn't open, click here.

Articles Author
Graeme Messina
View Profile

Graeme is an IT professional with a special interest in computer forensics and computer security. When not building networks and researching the latest developments in network security, he can be found writing technical articles and blog posts at InfoSec Resources and elsewhere.