The Endorsement Process - CISSP, SSCP & other (ISC)2 certifications

Heartiest congratulations to you, if you have provisionally passed the CISSP, SSCP or any other (ISC)2 certification. After spending weeks or even months preparing for one of the most difficult exams, you have that very sheet of paper in your hand which says:

Dear XXX, 

Congratulations! We are pleased to inform you that you have provisionally passed the Certified Information Systems Security Professional (CISSP®) examination. By passing this examination, you have completed the first of two steps toward earning your CISSP credential!

Notice that it is mentioned that you have provisionally passed the exam. Although the most challenging task is over, there is one more hurdle before you get the CISSP certificate in your hand. What is it? Well, this post is all about that.

The next step as is mentioned in the emailer/letter is that you need to get yourself endorsed and submit the requisite details. I have tried to create a step by step guide here to help you out. If you have recently gone through the process and find that certain changes have been made, do let me know, so that I can update the post. This will help prospective candidates who have passed the exam or about to give the exam.
  • You need to complete the endorsement process within 9 months of giving the exam. This gets updated from time to time. Be sure to check your email or connect with (ISC)2 in case you have any concerns. The email id is or
  • If you have the requisite experience ( 5 years for CISSP and 1 year for SSCP), you can begin the endorsement process.
  • You need to submit your application by logging onto the link -

On clicking the above link, you’ll find the following screen, which will give you further details on what needs to be kept in mind for the endorsement process. Earlier, there was no provision of self endorsement. This was introduced that in case you do not know a person who possesses the certification you have applied for, you can endorse yourself and the application will be reviewed by (ISC)2 panel of experts themselves.

Notice the “New Endorsement Application” button on the right-hand corner. To begin the process, click on this button. In a nutshell, here are the steps for the endorsement.

You will find the following screen when you click the “New endorsement Application”

You will notice that neither SSCP nor CISSP is showing in this list above for me as I have already been certified for these certifications.

However, CISSP or SSCP will be visible for you and you can select the same. 

Post selecting the certification, you will be asked to select as a Member or Associate. An associate is to be selected if you do not have the required experience in your certification. 

Post selection, you will be asked to give the details of the person ( Member ID) who would be endorsing you. Say, for example, if I endorse you, you will add my member ID and the application request will automatically be sent to me for review. If you do not know anyone, you can ask the (ISC)2 to endorse your application.

If you have already completed a previous certification or a Master’s degree, you may request for an experience waver from (ISC)2. When I submitted the application for CISSP, I requested for an experience waiver of 1 year as I was a certified SSCP. This is an optional process.

You need to enter your complete job history details in the form in the next step. Points to note while filling in job history:
  1. Fill in all the details. Do not miss out even in case of contractual assignments.
  2. Curate your experience and showcase with respect to domains of the certification. Take an example - Mayur has an experience of 3 years in software development, 2 years in operations and 1 year in IAM. It’s better to tweak and present the security aspect in this experience rather than just writing it for the sake of mentioning it. 

You will be asked to review the application. Review it and submit it. Now it’s time to chill and be patient. Applications generally take 3-5 weeks for review. It may take shorter or longer than this. 

Your application will be under process till the time it is reviewed and you are certified by the (ISC)2. When you log in to your account, you will find the following message.

Have you recently completed the process? If yes, share your inputs in the comments section below.


You may also like to read...

Identification, Authentication, Authorization, and Accountability

Access Control Models - DAC, MAC, RBAC , Rule Based & ABAC

How to Pass SSCP Exam in the First Attempt

Understanding Security Modes - Dedicated , System high, Compartmented , Multilevel

Cloud Computing - The Logical Model