Certified Chief Information Security Officer (CCISO)

About the Program

EC-Council’s CCISO Program has certified leading information security professionals around the world. A core group of high-level information security executives, the CCISO Advisory Board, contributed by forming the foundation of the program and outlining the content that would be covered by the exam, body of knowledge, and training. Some members of the Board contributed as authors, others as exam writers, others as quality assurance checks, and still others as trainers. Each segment of the program was developed with the aspiring CISO in mind and looks to transfer the knowledge of seasoned professionals to the next generation in the areas that are most critical in the development and maintenance of a successful information security program.

  • Target Audience

    The CCISO is for information security executives aspiring to be CISOs through refining their skills and learning to align information security programs with business goals and objectives. This program also encourages existing CISOs to improve their technical and management skills, as well as business procedures.

  • What's New in CCISO v3
    • New sections covering GDPR 
    • Enhanced focus on Risk Management f rameworks including NIST, TARA, OCTAVE, FAIR, COBIT, and ITIL 
    • More emphasis on Vendor Management• Deep dive into Contract Management 
    • Step-by-step instructions on building and maturing a Security Program• 
    • A CISO-level view of transformative technologies like Artificial Intelligence, Augmented Reality, Autonomous SOCs, Dynamic Deception, and more! 
    • Strategic planning deep dives 
  • CCISO Domains
    1. Governance and RiskManagement
    2. InformationSecurity Controls,Compliance,& AuditManagement
    3. Security ProgramManagement & Operations
    4. InformationSecurity CoreCompetencies
    5. Strategic Planning,Finance,Procurement,& VendorManagement
  • Certification

    To be approved to take the CCISO exam without first taking certified training, you will need to show evidence and present verifiers to show that you have 5 years of experience in each of the five CCISO domains. Experience waivers are available for some industry-accepted certifications and CCISO Exam Eligibility Application Form higher education. Between certification and training waivers, applicants can only waive 3 years of experience for each domain. If you have taken training, you must show 5 years of experience in 3 of the 5 domains in order to take the CCISO exam. 

Become a Member of the

CCISO Community

  •  Free attendance at one EC-Council CISO Event per year (limited free passes available - first come, first served) and deep discounts if you would like to attend more than one event.
  • First notice for speaking opportunities at conferences.
  • Whitepaper assistance, marketing, and publishing.
  • The opportunity to post articles to the CISO Resources Page.
  • The opportunity to give webinars to large EC-Council audiences via our Security Channel.
  • Free subscription to CISO Mag – EC-Council’s online magazine for information security leaders!


Exam Information

Exam Title Certified CISO
Number of Questions 150
Test Duration 2,5 Hours
Test Format Multiple Choice
Passing Score 70%
Availability EC-Council Exam Portal (www.eccexam.com)

Contact Us

Contact Us