This article may be freely forwarded by e-mail or posted to public online media such as bulletin boards and discussion groups, provided the full text is kept intact. Any other form of partial or full reproduction requires the author's prior written permission.


CISSP Reference Materials

張正明

Cheng-Min Chang

Last updated 2004/03/15, following the ISC2 CISSP Study Guide


CISSP is the most widely recognized and authoritative certification for information security professionals. It is issued by (ISC)², the International Information Systems Security Certification Consortium. (ISC)² was founded in 1989 and is headquartered in North America; it is an independent, non-profit organization whose purpose is to develop and administer a certification framework for information security management professionals.

The organization has run the CISSP certification since 1992. The certification covers a very broad range of professional domains, including information security management practices, access control systems and methodology, telecommunications and network security, cryptography, operations security, application and systems development security, law, computer crime investigation and ethics, and physical security. In addition, candidates must meet an experience requirement of 3 to 5 years of information technology work.

CISSP professional domains:

  1. Access Control Systems and Methodology
  2. Applications and Systems Development Security
  3. Business Continuity Planning (BCP) and Disaster Recovery Planning (DRP)
  4. Cryptography
  5. Law, Investigations and Ethics
  6. Operations Security
  7. Physical Security
  8. Security Architecture and Models
  9. Security Management Practices
  10. Telecommunications and Network Security

Reference materials I used to prepare for the CISSP exam

Books
  1. CISSP All-in-One Exam Guide (All-in-One) by Shon Harris, Gareth Hancock
  2. The CISSP Prep Guide: Mastering the Ten Domains of Computer Security by Ronald L. Krutz, Russell Dean Vines, Edward M. Stroz
  3. Advanced CISSP Prep Guide: Exam Q&A by Ronald L. Krutz, Russell Dean Vines
  4. Sybex CISSP: Certified Information Systems Security Professional Study Guide by Ed Tittel, Mike Chapple, James Michael Stewart
  5. CISSP Training Guide by Roberta Bragg
  6. Handbook of Information Security Management by Micki Krause, Harold F. Tipton
  7. O'Reilly Practical UNIX and Internet Security by Simson Garfinkel & Gene Spafford (sample chapters)
  8. O'Reilly Building Internet Firewalls by D. Brent Chapman & Elizabeth D. Zwicky (sample chapters)
Links for study
  1. Official CISSP Study Guide by ISC2
  2. Ben Rothke's CISSP preparation slides (download)
  3. www.cccure.org
  4. http://www.cissps.com/
  5. www.vlab.com.tw
  6. www.chinacissp.com (bbs.chinacissp.com)
  7. www.itpub.net
  8. CISSP CBK Review Guides by Rob Slade
  9. Prof. Yang Chung-Huang (楊中皇), "Network Security" reference materials
  10. Maximum Security: A Hacker's Guide to Protecting Your Internet Site and Network
  11. www.securityfocus.com
  12. SANS InfoSec Reading Room
  13. http://www.cissp.com/
Sample Exams 
  1. CISSP and SSCP Open Study GROUP Online Quizzer
  2. Midwest's CISSP Test Preparation Software (download)
Access Controls 
  1. Kerberos: IETF RFC 1510 and RFC 2712
Applications Security 
  1. IEEE Guide to the Software Engineering Body of Knowledge (SWEBOK)
Business Continuity Planning
  1. IT contingency planning guidelines (NIST SP 800-34)
  2. CPM BCP Handbook
Cryptography
  1. Handbook of Applied Cryptography
  2. eBCVG Network Security - Cryptography Articles
  3. Introduction to Public Key Technology and the Federal PKI Infrastructure (NIST SP 800-32)

Law, Investigations & Ethics 
  1. IETF RFC 1087,  Ethics and the Internet
  2. ISC2 Code of Ethics
Operations Security
  1. A Guide to Understanding Trusted Recovery in Trusted Systems, NCSC Rainbow Series (Yellow Book)
Physical Security
  1. DoD Trusted Computer System Evaluation Criteria, NCSC Rainbow Series (Orange Book)
Security Architecture 
  1. A Guide to Understanding Configuration Management in Trusted Systems, NCSC Rainbow Series 
  2. An introduction to computer security: The NIST Handbook (NIST SP 800-12)
Security Management
  1. Information Security Management Systems (download)
  2. Generally Accepted Principles and Practices for Securing Information Technology Systems (NIST SP 800-14)
  3. Risk Management Guide for Information Technology Systems (NIST SP 800-30)
  4. Security Self-Assessment Guide for Information Technology (NIST SP 800-26)
  5. IETF RFC 2196, Site Security Handbook
  6. Security testing (NIST SP 800-42)
  7. Guidelines for developing security plans (NIST SP 800-18)
  8. Common Criteria for Information Technology Security Evaluation
  9. Conduct Security Awareness and Training
     - Building A Security Awareness Program - Addressing The Threat From Within
     - Building an Information Technology Security Awareness and Training Program (NIST SP 800-50)
Telecommunications & Network Security
  1. National Chiao Tung University (Taiwan), Institute of Computer Science, Information Security Lab: "Network Security" course materials
  2. Peking University (Mainland China), Department of Computer Science, Information Security Lab: "Network and Information Security" and "E-Commerce Security" course materials
  3. Keeping Your Site Comfortably Secure: An Introduction to Internet Firewalls (NIST SP 800-10)
  4. Guidelines on Firewalls and Firewall Policy  (NIST SP 800-41)
  5. Intrusion Detection Systems (NIST SP 800-31)
  6. Wireless Network Security: 802.11, Bluetooth, and Handheld Devices (NIST SP 800-48)