Become (and stay) a CISSP on a Budget
Richard R, CISSP, FITSP-M, PMP, MBA, Security+, Network+, Project+
Last Revised: August 2015
As I prepared for my CISSP certification I came to a serious realization; This can be a very expensive certification to earn and maintain! While many hopefuls have corporate backing and training budgets, there are many candidates seeking to obtain CISSP certification without external financial support.  Between the costs of training materials, the annual maintenance fee, and the costs associated with obtaining continuing professional education (CPE) credits the dollars (or your chosen local currency) can really add up! While I don't consider myself to be "cheap", I would certainly consider myself to be thrifty. My CISSP journey started with successfully passing the exam in December 2010 and I have put together this resource, dedicated to helping others who are seeking to gain knowledge and competency in the domains of the CISSP common body of knowledge (CBK) without significant financial expense.  To make myself clear, I do not consider any of this a "cram", "braindump" or "shortcut" technique, and I firmly believe that candidates for certification are expected to know the concepts of the CBK and apply them to successfully pass the exam. The only way to do this is to study, apply, review, apply, understand and apply the concepts on the day of the exam, hopefully leveraging some real-world experience to put it all together.  Passing the exam will only be the start of your CISSP experience.  It is my hope that all CISSPs will continually improve their skills and improve themselves (and hopefully their work environment) as they pursue opportunities to expand their knowledge of information security.

I welcome feedback and questions which will help me improve this resource for those who are working towards the CISSP certification. To ask a question or provide feedback, please contact me by email at cissp at avitria dot com - I'm always happy to answer questions from others working toward their CISSP certification. If you enjoy this memoir, you might also appreciate my CISSP Study Plan Memoir or how to go from CISSP to PMP certification.

Show Me the Money!
I was very fortunate in my quest to become a CISSP in that I had a supportive supervisor who was willing to invest in my certification by sending me to a Training Camp CBK review seminar.  However, since I did not want to arrive for this seminar unprepared, I set off on a nine-month quest to ensure that I was indeed prepared. I was on my own when it came to paying for study materials, so I set out to find top-quality materials on a thrifty budget. What follows is a sampling of the lessons that I learned in preparing for the exam, and resources I've uncovered to help me earn CPEs at no cost to me. The sites I have listed below are materials that I have personally reviewed and find to be of value in the pursuit or maintenance of the CISSP certification.  There are countless ways to obtain worthless CPEs (which hopefully are rejected through the ISC CPE audit process) but that is not what this resource is about.

From the Cheap Seats to the Exam Seat
Here are some suggestions for how to reduce your costs when preparing for the exam:
I'm a CISSP, What Do I Do Now?
You learn! And you learn some more! Here is the latest news regarding maintaining your credentials in good standing with (ISC)2: - This document lists a number of ways to earn CPEs, and since I don't want to rehash the ways to earn CPEs, I'll list a number of activities that might help CISSPs earn CPEs with minimal financial investment.

- Listen to a podcast, take notes and submit them for CPEs. This is a great option for folks who travel a lot or have a long commute - earn CPEs on the go!
Web-Based Training - Here is a listing of free online training resources that could be used to obtain CPEs - be sure to take a screenshot or save a copy of any certificate of completion in case the CPEs are audited!
Pre-Recorded Webinars - Webinars are an acceptable way to earn CPEs as long as they are vendor-neutral and of a non-sales nature.
Written Resources - You can even pick up a book and read it!  Here are several lists of excellent books that cover the domains of the CBK.