EC Council CCISO Certification


The CCISO Certification is an industry-leading program that recognizes the real-world experience necessary to succeed at the highest executive levels of information security. The EC-Council CCISO Body of Knowledge covers all five CCISO Domains in depth and was written by seasoned CISOs for current and aspiring CISOs.


CISSPs, take the next step and earn your Certified CISO! The CCISO program is designed to turn managers into Leaders and Executives by focusing not on the technical aspects of information security management, but on the strategic, financial, and management skills CISOs need to lead top information security programs.

The CCISO focuses on 5 Domains:

  1. Domain 1: Governance (Policy, Legal & Compliance)
  2. Domain 2: IS Management Controls and Auditing Management
  3. Domain 3: Management – Projects and Operations (Projects, Technology, & Operations)
  4. Domain 4: Information Security Core Competencies
  5. Domain 5: Strategic Planning & Finance

Who Would Benefit?

  • Current and aspiring CISOs

Exam Info

  • EC Council CCISO Exam
  • Multiple Choice Exam
  • Exam Duration: 4 hours
  • Total Number of Questions: 250
  • Required Passing Score: 70%

What are the Requirements to Sit for the CCISO Exam?

  1. A student who attends an official EC-Council CCISO training class must have at least 5 years of verifiable experience in at least 3 of the domains to qualify to sit for the CCISO exam.
  2. A student who wishes to sit for the exam without attending official EC-Council training must have at least 5 years of verifiable experience in all 5 domains to qualify to sit for the CCISO exam. In this scenario, a $100 application fee is applicable.
  3. A student/instructor who wishes to be a CCISO instructor must have 5 years of verifiable experience in all 5 domains to qualify to sit for the CCISO exam.
  4. There is a fallback certification should the student not qualify for the CCISO exam: the EISM, or EC-Council Information Security Manager. The difference in the exam lies in the scenario-based questions, which are removed for the EISM exam.

Anyone can attend the CCISO course. It’s the exam that has the qualifiers. Moreover, anyone can sit through the CCISO course and attempt the EISM certification (application still required). The requisite and actionable knowledge gained is the same. The only differences between the certs are:

  1. The name
  2. Scenario-based questions are removed from the EISM.