The CISSP certification has been formally recognized as comparable to the U.K.’s master’s degree standard, following the completion of an independent benchmarking process.
What does the CISSP being assessed as comparable to the U.K. Master’s Degree Standard mean for me and other CISSPs?
While the value and importance of a globally understood cybersecurity certification are well known within the (ISC)2 community, reinforcing the meaning of the certification in relation to other forms of education, and professional distinction and accomplishments is equally important. Doing so aids understanding across educational institutions and employers, and also supports members in unlocking even more value from their hard work by helping in their future career progression.
Who evaluated the CISSP?
This assessment was conducted by U.K. NARIC, the U.K.’s government-designated agency responsible for providing information and expert guidance on academic, vocational, and professional qualifications from across the world. It conducted an in-depth study of the CISSP certification, using its well-established methodology for credential evaluation. This involved reviewing core qualification components as well as a comparative analysis of the skills assessed during a candidate’s examination against the Regulated Qualifications Framework (RQF).
What is the RQF?
The U.K.’s Regulated Qualifications Framework (RQF) categorizes qualifications based on their scope, and their level of challenge or difficulty.
The RQF Levels are:
- Level 1 – GCSEs (grades 3-1: previously D-G)
- Level 2 – GCSEs (grades 9-4: previously A*-C), CSE grade 1, O level grade A, B or C
- Level 3 – Advanced level (A level) grade A-E, AS level, Vocational level 3
- Level 4 – Vocational Qualification level 4, CertHE, HNC
- Level 5 – Vocational Qualification level 5, Foundation Degree, DipHE, HND
- Level 6 – Bachelor’s Degree (with or without honors)
- Level 7 – Master’s Degree, Postgraduate Certificate and Diploma, PGCE
- Level 8 – Doctor of Philosophy (DPhil or PhD)
Using this methodology for credential evaluation, U.K. NARIC examined core qualification components as well as a comparative analysis of the skills assessed in the CISSP examination to the RQF and other suitable reference points. The conclusion of this study found that the CISSP certification assessed knowledge and skills comparable to RQF Level 7 standard.
What about the CISSP qualifies it for RQF Level 7?
U.K. NARIC’s assessment made specific reference to the CISSP certification’s clear emphasis on assessing specialized cybersecurity knowledge, and the understanding and application of skills. This includes elements such as organizational problem solving and decision making, awareness, and correct use of industrial standards, policy, and best practice, along with understanding and appropriate use of methodologies, techniques, and training in relation to cybersecurity.
Does this mean that the CISSP is the same as a Master’s degree?
No. RFQ Level 7 means that earning the CISSP is considered an educational achievement that is the same level needed to achieve a Master’s degree, according to U.K. NARIC.
Within the RQF levels, qualifications are not all required to demonstrate the same amount of study or assessment time. Many factors are taken into account to determine the RQF level of qualification, such as the pass criteria, the level of knowledge, understanding, and skills tested, ongoing professional development requirements for maintaining certification, and how those tests are performed, among others. It is not just based on time to completion, or years put toward earning each level of achievement.
I have a CISSP. Is it fair for me to say I now have a Master’s?
No, you have not earned a master’s or postgraduate qualification as a result of this recognition. However, the CISSP being comparable to RQF Level 7 means that there is a recognized standard framework against which to position the CISSP certification with employers, government agencies, and education institutions. This is particularly useful when applying for things such as course credit for other higher education courses, positioning your certification when applying for new roles or promotions, or validating qualifications across borders.
Where does RQF Level 7 recognition apply?
The recognition of the CISSP certification as RQF Level 7 applies in the U.K. However, as the RQF is mapped to the European Qualifications Framework (EQF), the Level 7 status is also recognized across Europe.
Does RQF Level 7 recognition apply in the U.S. or outside of Europe?
It is not formally recognized in the U.S. or elsewhere, as there is no like-for-like education framework, but the U.K. and European recognition may still be accepted by some educational institutions at their own discretion for course credit and proof of eligibility.
Does this change how I can describe my certification on my CV, LinkedIn, or biography?
No. The existing rules on how you can describe and use your certification status remain unchanged. You can review our credential usage policy here. Enforcing these requirements is an important part of our accreditation process for all (ISC)2 credentials. This applies to all retired designations as well.