ISC2 updates its ISSAP, ISSEP and ISSMP certifications

The world's leading non-profit membership organization for cybersecurity professionals ISC2 has announced updated exam guidelines and the introduction of new AI-powered, adaptive self-study courses for its three most advanced security certifications. These include the Information Systems Security Architecture Professional (ISSAP), Information Systems Security Engineering Professional (ISSEP) and Information Systems Security Management Professional (ISSMP).

Deepening specialist knowledge

These updates take into account the latest best practices in the respective areas and ensure that the certifications meet the current requirements of the industry. The self-study courses help professionals prepare for the updated exams. They help CISSPs and other experienced professionals deepen their expertise, validate their specialized skills and position themselves for leadership roles in their organizations.

"Our most advanced certifications are aimed at CISSPs who want to take the next qualification step, as well as experienced professionals who want to achieve the highest standards of cybersecurity professional education," said Casey Marks, Chief Operating Officer of ISC2. "We are committed to ensuring these certifications remain relevant and impactful. These comprehensive updates reflect our continued investment in our certification programs and our commitment to our members that their credentials are recognized as world-leading."

Revised Test Guidelines

The updated exam guidelines, developed through a rigorous Job Task Analysis (JTA) and reviewed by global subject matter experts, reflect evolving cybersecurity challenges and industry expectations. The revised domains provide a clear, modernized roadmap to the knowledge required to lead effectively in each specialty. The following exam reviews are now available: 

ISSAP exam topics   

• Domain 1: Governance, risk and compliance (GRC)
• Domain 2: Modeling the security architecture
• Domain 3: Infrastructure and system security architecture
• Domain 4: Identity and Access Management (IAM) architecture

ISSEP exam topics   

• Domain 1: Basics of system security technology
• Domain 2: Risk management
• Domain 3: Security planning and technology
• Domain 4: Implementation, verification and validation of system security
• Domain 5: Safe operating procedures, change management and disposal

ISSMP Exam topics

• Domain 1: Leadership and organizational management
• Domain 2: System lifecycle management
• Domain 3: Risk management
• Domain 4: Security operation
• Domain 5: Emergency management
• Domain 6: Legal, ethics and security compliance management

New adaptive online training for self-study

Adaptive online training courses from ISC2 are available for all three advanced certifications. These offer content based on each learner's progress, strengths and areas for improvement, providing candidates with a more targeted learning experience. With the launch of the courses for ISSAP, ISSEP and ISSMP, the rollout of adaptive training for all nine ISC2 certifications is complete. The updated training includes:

• Personalized learning paths supported by AI
• Real-time feedback and progress tracking
• The official ISC2-E textbook
• A new e-book with study questions
• Access to the ISC2 Education Guarantee, which grants repeat course access if a candidate does not pass their exam within one year.

Further information on the exam descriptions, training packages and the first steps is available at: https://www.isc2.org/certifications