The following comes from here:
http://www.cccure.org/modules.php?na...rticle&sid=967

I think that the information is interesting because it backs up what I've been seeing and hearing from all corners of the federal agencies.


One of the speakers was Lynn McNulty, the Consortium's Director of Government Affairs. He gave a speech discussing the US Department of Defense's initiative to have their info security professionals certified.

I found his speech very interesting and I decided to "bring back" a few of the hightlights, especially in light of all of the rumors that the CISSP exam is changing.

- There are approxiamately 41,000 CISSPs in 112 countries.

- Although the Consortium does not openly discuss pass/fail percentages, there is a 30% failure rate for first time candidates.

- The exam is constanty evloving. The Consortium is considering including 'essay' style questions, but have not made any decision to so.

- The exam is STILL 250 multiple choice questions with only 225 counting towards towards the score.

- The Consortium has THOUSANDS of questions that they choose from for the exams.

- They have caught individual cheaters, but have never experienced any organized effort to cheat on the test.

- They have stripped CISSPs of their certifications for ethics violations, but only after extensive due dilligence.

- They are happy with the exam delivery method and do not expect to change to online exams.

- They have been doing this since '95 and they are very good at it.

- Although there is some pressure from the US DOD to help get their ISOs "CISSP certified" The Consortium insists that "The standards will not slide."

--TH13