ISC2 CCSP

How to become CCSP certified – Certification requirements [updated 2022]

Lester Obbayi
January 6, 2022 by
Lester Obbayi

The Certified Cloud Security Professional CCSP certification by (ISC)² is one of the most advanced cloud security certifications available today. It is awarded to students who can show that they have attained the advanced technical skills and knowledge required to design, manage and secure data, applications and infrastructure in the cloud and employ the accepted best practices, policies and procedures. This article will discuss the various things an aspiring candidate needs to know to embark on the journey of becoming CCSP-certified.

Earn your CCSP, guaranteed!

Earn your CCSP, guaranteed!

Save your spot for an upcoming CCSP Boot Camp and earn one of the most in-demand cloud security certifications — guaranteed!

What are the requirements necessary to take the CCSP?

For you to take the CCSP, (ISC)² requires that you must have attained a certain level of experience.

First, you must have a minimum of five years of paid work experience in the information technology field. Of the five years, three years' experience must be in the information security field and one year in either one or more of the six domains of the CCSP CBK. You should also note that earning CSA's CCSK certificate can be substituted for the entire CCSP experience requirement.

If you do not have the required experience, there is the option of becoming an Associate of (ISC)². In this case, you must have successfully passed the CCSP examination. As an associate of (ISC)², you will have six years to earn the five years of the required experience. Working part-time or interning may also contribute to your experience.

What work experience do you need to satisfy the requirements?

You are required to prove that you have worked in a cloud computing environment, doing either information security-related work or work that requires knowledge in cloud security involving direct application. Your experience must fall within one or more of the following six domains of the (ISC)² CCSP CBK:

  • Domain 1 - Cloud Concepts, Architecture and Design
  • Domain 2 - Cloud Data Security
  • Domain 3 - Cloud Platform & Infrastructure Security
  • Domain 4 - Cloud Application Security
  • Domain 5 - Cloud Security Operations
  • Domain 6 - Legal, Risk and Compliance

You should also note that full-time experience is accrued monthly and that a minimum of 35 hours per week (for four weeks) amounts to one month of work experience. Part-time experience must be more than 20 hours a week but not exceeding 34 hours. Paid or unpaid internships are also acceptable, but you will need to obtain company documentation confirming that you are indeed interning. If you are interning at a school, the documentation can be on the registrar's stationery.

How long does it take to prepare for the CCSP exam?

The length of time it takes to prepare for the CCSP exam will vary greatly depending on the study method you pick and your experience in IT and IT security. Some students have achieved study times of 300 hours, while some manage to pull it off in two weeks. So as you can see, it depends on the amount of effort you put into your study.

There are a couple of official study methods defined by (ISC)² at your disposal. They are as follows:

Classroom-based

Classroom-based study methods will involve the conventional classroom and instructor setup and require your physical presence. This will most certainly be of interest to you, especially if you live near an accessible training location and at the time a session is being offered. 

Online instructor-led

Online instructor-led sessions are very convenient, especially if you are limited geographically or prefer online study sessions. 

Online self-paced

If you have a busy schedule, you might want to study at your own pace with online resources. The most obvious advantage of this method is that you can determine how fast you move as you study. Some people accomplish effective preparedness within a very short time, but it depends on your own style and IT experience. 

Private on-site

If your company has candidates interested in the CCSP, (ISC)² provides private on-site training either at your office or at any private venue near you. The study is conducted by an (ISC)²-authorized instructor and runs three to five days in length.

You can also obtain official study tools that will act as a supplement to your courseware here. These will include official textbooks, official study guides, official study apps, flashcards and official practice tests.

What are the candidate's background qualifications?

(ISC)² will conduct a background check on its certified members and requires that you be of the highest ethical and professional caliber. To that end, candidates must ensure that they satisfy the following:

  • You have never been convicted of a felony or a crime based on dishonesty. However, this does not include traffic offenses that are prosecuted in juvenile court.
  • You have never been involved in or publicly identified with criminal hackers or hacking.
  • You have never been disciplined by a certification body or had your certification revoked.
  • You have never been known by any other names, aliases or pseudonyms. This does not include name changes due to marriage or adoption.

If you do not meet the criteria above, you might not be eligible for any (ISC)² certification. However, if you believe that you can argue your case effectively, you may contact legal@isc2.org before scheduling your exam.

You should note that if you make payment for the examination before undergoing a background check by (ISC)², you will not be refunded your payment if you are found ineligible for certification.

What are the steps to becoming CCSP-certified?

The steps to becoming CCSP-certified are fairly straightforward. They are broken down into four stages:

Ensuring the CCSP is right for you

Before you can embark on your journey to acquiring the CCSP, it is important to determine whether it is the right certification for you. This is often an overlooked step but is very important, especially for those not coming from a security background. Whether or not you are coming from security, you need to see yourself in the next couple of years and decide whether you want a security career, especially cloud security.

A little online research will show you that many more certifications are out there to consider.

Registering and preparing for the exam

Registering for the exam is as simple as creating an account with Pearson VUE, the leading provider of global computer-based training for certification and licensure exams. More concerning the testing locations, policies and accommodations can be found here.

Preparing for the exams involves choosing the right study method. (ISC)² provides official materials that can be used to study and prepare, as discussed above. Different study methods will work differently for different people, so make sure you go with what you are comfortable. And always remember: it's all about determination and commitment.

Getting certified

We also discussed the path to become an Associate of (ISC)² while you earn the work experience. As seen above, this certification demands a couple of qualifications in terms of experience. However, getting certified requires that you both complete the endorsement process and agree to the (ISC)² code of ethics.

Completing the endorsement process is done online. It attests that your assertions regarding professional experience are true and that you are in good standing with the cybersecurity industry.

Agreeing to the code of ethics allows you to maintain the certification you have just earned. You will be simply agreeing to:

  • Protect society, the common good, necessary public trust and confidence and the infrastructure
  • Act honorably, honestly, justly, responsibly and legally
  • Provide diligent and competent service
  • Advance and protect the profession

Becoming an (ISC)² member

After being certified, you officially become an (ISC)² member. This opens you up to a large global community of more than 138,000 certified cybersecurity professionals. As of Jan. 1, 2021, the total number of CCSP holders is 8,776.

This opportunity allows you to maintain and advance your skills through a wealth of continuing education opportunities. You will remain informed on the latest trends and best practices and ensure your experience remains relevant going forward in your career. There are also numerous other benefits that you can find here.

Earn your CCSP, guaranteed!

Earn your CCSP, guaranteed!

Save your spot for an upcoming CCSP Boot Camp and earn one of the most in-demand cloud security certifications — guaranteed!

Becoming CCSP certified

This article has covered what you need to know as you embark on your journey to become CCSP-certified. We have also discussed the requirements that must be achieved before beginning.

One of the most important things to always remember is to first get your background check done before scheduling your exam. Remember to discover which study method works for you, put in the right effort, pass and receive your credential.

For more on the CCSP certification, check out our CCSP certification hub.

Sources

CCSP Experience Requirements, (ISC)²

Tips for Passing the CCSP Exam, Microsoft TechNet

Lester Obbayi
Lester Obbayi

Lester Obbayi is a Cyber Security Consultant with one of the largest Cyber Security Companies in East and Central Africa. He has a deep interest in Cyber Security and spends most of his free time doing freelance Penetration Tests and Vulnerability Assessments for numerous organizations.