The International Information Systems Security CertificationsConsortium, or (ISC)2, established the Certified Information Systems Security Professional (CISSP) certification program in 1989. The (ISC) 2 is a nonprofit, tax-exempt corporation chartered for the explicit purpose of developing and administering the certification and education programs associated with the CISSP (as well as several CISSP concentrations, and the Systems Security Certified Practitioner, or SSCP, and the Certification and Accreditation Professional, (or CAP) certification. The CISSP certification is based on a Common Body of Knowledge (CBK) identified by the (ISC) 2 and defined through ten distinct domains:
Access Control
Telecommunications and Network Security
Information Security and Risk Management
Application Security
Cryptography
Security Architecture and Design
Operations Security
Business Continuity and Disaster Recovery Planning
Legal, Regulations, Compliance, and Investigations
Physical (Environmental) Security