Skip nav


London, UK, 08 April 2011 – (ISC)2® (“ISC-squared”), the world’s largest information security professional body and administrators of the CISSP®, today announced the expansion of its online self-assessment tool known as studISCope (pronounced “study scope”) to include the Certified Secure Software Lifecycle Professional (CSSLP®).

studISCope provides a simulation of the (ISC)² CSSLP certification exams and also serves as a mechanism for professionals to pursue continuous self development, regardless whether they acquire the CSSLP certification. Questions are developed using the same psychometric evaluation processes as the actual certification exam by (ISC)²-certified subject matter experts. At the conclusion of the simulation, the test taker receives his or her score, providing them with a readiness assessment and focused study plan.

“This tool is a great way for software professionals to assess their own security competency on an ongoing basis,” said Alessandro Moretti, CISSP, CSSLP, a volunteer member from Switzerland of the (ISC)2 Board of Directors and a senior risk and security executive in financial services.

“This approach to ongoing self education by software professionals will collectively contribute to better enterprise security for enterprises, given the numerous and incessant software security threats organizations face today.”

Code-language neutral, the CSSLP aims to stem the proliferation of software vulnerabilities by establishing best practices and validating an individual’s competency in addressing security issues throughout the software development lifecycle. The certification caters to a wide range of stakeholders who are involved in the software development process, including management. It is also applicable to business and technical analysts, developers, software engineers, software designers and architects, project managers, software quality assurance testers, and others involved in the software development lifecycle.

“Talk about security is everywhere within the development world, and there is recognition for the need to improve capabilities, but there is still a lot to accomplish. Moving forward begins with assessment. studISCope should prove valuable to anyone looking to develop some new, very marketable skills in this sector,” says Bola Rotibi, analyst specialising in the software sector as research director with Creative Insight Consulting.

“With application security topping the list of security concerns by information security professionals in the 2011 (ISC)2 Global Information Security Workforce Study, there is no better time for professionals to consider obtaining their CSSLP,” said Mano Paul, CISSP, CSSLP, (ISC)2 software assurance advisor and CEO of Express Certifications, the company that developed studISCope. “studISCope allows CSSLP candidates to experience the look and feel of the official certification exam as closely as possible with 300 exam questions.”

studISCope offers a personalized reporting system with learning progress indicators that provide insight into a candidate’s knowledge, strengths and weaknesses, as well as a readiness gauge that pinpoints the candidate’s comprehension level of the specific areas of the (ISC)² Candidate Information Bulletin (CIB), which outlines the information security topics covered in the CSSLP certification. These features allow candidates to identify their knowledge level efficiently in each of the CSSLP domains and focus their study efforts on areas that need the most attention. studISCope helps candidates study for the actual certification examination using three steps – assess, focus and certify.

Other (ISC)² certifications covered by studISCope include the Certified Information Systems Security Professional (CISSP), the Systems Security Certified Practitioner (SSCP®) and the Certified Authorization Professional (CAP®). The simulation exams can be purchased online in a variety of set combinations ranging in price from US$129 to US$289. Corporate and government discounts for enterprise orders can be availed by contacting their local (ISC)2 Education office. For more information, visit

About (ISC)²

(ISC)² is the largest not-for-profit membership body of certified information security professionals worldwide, with more than 75,000 members in more than 135 countries. Globally recognized as the Gold Standard, (ISC)² issues the Certified Information Systems Security Professional (CISSP) and related concentrations, as well as the Certified Secure Software Lifecycle Professional (CSSLP), Certified Authorization Professional (CAP), and Systems Security Certified Practitioner (SSCP) credentials to qualifying candidates. (ISC)²’s certifications are among the first information technology credentials to meet the stringent requirements of ANSI/ISO/IEC Standard 17024, a global benchmark for assessing and certifying personnel. (ISC)² also offers education programs and services based on its CBK®, a compendium of information security topics. More information is available at

© 2011, (ISC)2 Inc. (ISC)², CISSP, CSSLP, ISSAP, ISSMP, ISSEP, CAP, SSCP and CBK are registered marks of (ISC)², Inc.


Vidushi Patel
+44 (0)7958474632