CISSP.app Blog
Search “CISSP exam cost” and you get one number: $699. That is ISC2’s published exam registration fee, and it is accurate. But it is also misleading, because the $699 is the floor, not the ceiling. Candidates who budget only for the registration fee regularly get surprised by study materials, the endorsement process, and the annual maintenance fee that kicks in the moment they pass.
This guide gives you the complete picture: every cost layer, realistic ranges based on how you choose to prepare, the retake math if things do not go as planned, and — most usefully — a playbook for getting your employer to cover the bill entirely.
The CISSP exam fee is $699. When you add study materials, the first year’s Annual Maintenance Fee ($125), and a modest contingency for a possible retake, the realistic all-in cost to become CISSP-certified in 2026 ranges from $900 to $2,500 — depending on how you prepare and whether you pass on the first attempt.
The CISSP Exam Registration Fee
ISC2 charges $699 USD to register for the CISSP exam. This fee is paid directly to ISC2 at the time of registration and covers a single exam attempt delivered through Pearson VUE testing centers worldwide. The fee is the same whether you sit at a physical testing center or use Pearson VUE’s online proctoring option.
A few important caveats on that number:
- ISC2 member pricing: Existing ISC2 members in good standing (for example, active SSCP holders) may be eligible for a reduced exam fee. Check your member portal before registering.
- Academic pricing: ISC2 offers discounted exam fees for students in qualifying academic programs. Eligibility must be verified through your institution.
- Currency conversion: The $699 is denominated in USD. Candidates registering outside the US pay in local currency at the prevailing exchange rate, which can shift the effective cost materially.
- Pearson VUE convenience fees: Depending on your testing region and whether you use online proctoring, Pearson VUE may charge a scheduling or administration fee on top of the ISC2 exam fee. Verify at time of booking.
Exam fees can change without notice. The $699 figure reflects published pricing as of April 2026. Verify the current amount on the official ISC2 CISSP exam page before submitting payment. This article is a planning resource, not a substitute for official pricing.
Every Cost You Will Actually Pay
Here is a complete accounting of every expense associated with earning and maintaining CISSP certification. Most resources list only the exam fee. The numbers below give you the full picture.
1. Exam Registration Fee: $699
The primary cost. Paid at registration, non-refundable once the exam window opens. If you reschedule with less than 48 hours’ notice, ISC2’s policy treats this as a no-show and the fee is forfeited — register only when you are genuinely ready. Understanding the CAT exam format and how adaptive testing works before you book is the best preparation for that commitment.
2. Study Materials: $0 to $600+
This is where your total cost varies most. The spectrum runs wide:
- Free / low-cost tier ($0–$50): Community resources, YouTube, Reddit study groups, and free-tier practice question platforms. Workable for candidates with deep existing security knowledge and strong self-discipline.
- Core materials tier ($50–$200): One official study guide (the Sybex CISSP Official Study Guide is the standard reference), supplemented by a practice question platform like CISSP.app. This is where most first-time candidates find the right balance of depth and cost.
- Premium tier ($200–$600+): Video courses, bootcamps, and multi-resource stacks. Bootcamps in particular can run several hundred dollars for live or recorded instruction. Useful for candidates who learn better through structured video instruction or who failed a previous attempt.
Cut Your Study Materials Cost Without Cutting Corners
CISSP.app gives you 3,000+ adaptive practice questions, a full CAT exam simulator, and a weak-areas analyzer — all for less than the cost of a single physical study guide. One subscription covers CISSP, CCSP, and CISM.
Start Free 7-Day Trial →No credit card required · Cancel any time
3. Annual Maintenance Fee (AMF): $125/year
This is the cost most candidates do not budget for. Once you pass the exam and complete the endorsement process, ISC2 charges a $125 Annual Maintenance Fee every year to keep your certification active. The AMF is due on your certification anniversary and covers your membership in good standing plus access to ISC2’s CPE tracking portal.
The AMF is not optional — failing to pay results in certification suspension. Over a 3-year recertification cycle, that is $375 in maintenance fees before you even count CPE activity costs.
4. CPE Activity Costs: $0 to $300/year
To maintain CISSP certification, you must earn 120 Continuing Professional Education (CPE) credits over each 3-year cycle (40 per year minimum). Many CPE activities are free: attending webinars, writing articles, teaching, reading security books. Others cost money: conferences, training courses, and self-study programs. Most candidates who are active in the security community can meet CPE requirements with minimal additional spend. Budget a small amount for at least one paid activity per year as a hedge.
5. Endorsement Fee: None (Usually)
After passing, you submit an endorsement application through ISC2. The endorsement itself carries no fee — ISC2 requires only that you have your five years of qualifying experience verified by an active ISC2 member in good standing. If you cannot find an endorser, ISC2 itself will endorse you, which also carries no additional charge.
Note: The April 2026 experience waiver changes affect which prior certifications can substitute for experience years. If you are relying on a waiver path, read our post on the April 2026 experience waiver update before submitting your application.
Total Budget by Scenario
Here is what the all-in cost looks like across three realistic candidate profiles — all assuming a first-year AMF and one year of CPE activity:
| Cost Component | Lean Preparer | Typical Candidate | Full-Resource Approach |
|---|---|---|---|
| Exam Registration Fee | $699 | $699 | $699 |
| Study Materials | $50 | $150 | $500 |
| Annual Maintenance Fee (Year 1) | $125 | $125 | $125 |
| CPE Activities (Year 1) | $0 | $50 | $150 |
| Retake Fee (if applicable) | $0 | $0 | $699 |
| First-Year Total | $874 | $1,024 | $2,173 |
The “lean” scenario assumes the candidate has strong existing security knowledge and uses primarily free and low-cost resources. The “full-resource” scenario includes a retake, reflecting the reality that the CISSP is a difficult exam — budget for contingency if this is your first attempt.
Retake Fees and the Waiting Period
A retake costs the same as the original exam: $699. ISC2 imposes mandatory waiting periods between attempts to encourage genuine remediation rather than rapid-fire re-testing:
- After the 1st failed attempt: 30-day wait
- After the 2nd failed attempt: 90-day wait
- After the 3rd failed attempt: 180-day wait
- Maximum of 4 attempts in any rolling 12-month period
The financial cost of a retake is obvious. The less obvious cost is the time lost during the mandatory waiting period — especially if you are trying to meet a job offer deadline or employer timeline. The best way to avoid the retake tax is a structured, long-form study plan. Our 90-day CISSP study plan is designed specifically to get working professionals to first-attempt readiness without burning out.
A first-attempt failure adds $699 plus at least 30 days of additional prep time. For a candidate earning $140K who could have been in their new role 30 days earlier, the opportunity cost can dwarf the retake fee itself. Invest in preparation upfront — it is almost always cheaper than remediation.
How to Get Your Employer to Pay
The single best cost-saving strategy is not a discount code or a sale — it is getting your employer to cover the bill. This works more often than candidates expect, including at organizations that have no formal tuition reimbursement program.
Frame the Request Around Business Value, Not Personal Development
Do not ask for help paying for your exam. Instead, explain why the organization benefits from having a CISSP on staff:
- DoD 8140 compliance requires CISSP for specific IAM and IASAE roles in defense contracting environments
- Many enterprise clients and government frameworks list CISSP as a preferred or required credential for security personnel
- CISSP reduces employee turnover risk — certified professionals are more engaged and less likely to leave for purely salary-driven reasons
- The organization avoids the cost of hiring a credentialed outside consultant at $200+ per hour for work a newly certified internal employee can handle
Ask Before Budget Cycles Close
Training budgets at most organizations are set annually. If your organization is on a January fiscal year, September and October are prime windows to make the request — managers are actively looking for legitimate line items to use their remaining budget. An unused training budget often resets to zero at year-end.
Get It in Writing, Then Register
Do not register for the exam on the assumption that reimbursement is coming. Get written confirmation of reimbursement before paying. If your employer requires a passing result to trigger reimbursement (common), build that condition into your prep timeline — do not sit the exam until you are genuinely ready.
Negotiate the Full Stack, Not Just the Exam Fee
If your employer is willing to pay the exam fee, ask for study materials and the AMF in the same conversation. Framing it as a total investment — “the exam plus the first year of maintenance” — is often easier to get approved than returning with a second request later.
The ROI Math: Cost vs. Career Gain
Even if you pay entirely out of pocket, the financial case for CISSP is straightforward. Our CISSP salary guide documents the median total compensation for CISSP holders at $147,000–$162,000 annually — a premium of approximately 35% over non-certified peers in comparable roles.
Assume a worst-case scenario: you pay the full $2,173 out of pocket (exam, materials, retake, AMF, CPEs). If CISSP enables a job transition that adds $20,000 to your annual total compensation — a conservative estimate for a move from senior engineer into security architecture — the return on that $2,173 investment is roughly 9x in year one alone. For a deeper breakdown of that ROI across career stages, see our analysis of whether CISSP is worth it in 2026.
The cost question is real but it is rarely the right question. The right question is: what will this credential enable that my current situation does not?
5 Cost-Saving Strategies Worth Using
1. Pass on the First Attempt
Obvious but worth stating: a $699 retake fee is one of the most expensive costs you can incur. The cheapest prep strategy is the one that gets you to first-attempt readiness, even if it costs more upfront in materials. A $150 investment in quality practice questions that prevents a $699 retake has a clear ROI.
2. Use a Practice Platform Instead of a Bootcamp
Bootcamps cost $300–$600 and are primarily useful for candidates who failed a previous attempt or who need highly structured instruction. For most first-time candidates with existing security experience, a combination of the official study guide and an adaptive practice question platform delivers equivalent or better results at a fraction of the cost.
3. Check ISC2 Member Pricing Before Registering
If you hold any other ISC2 certification (SSCP, CCSP, CGRC, etc.), verify whether member pricing applies to the CISSP exam before registering. The savings can be meaningful and the check takes two minutes in your member portal.
4. Bundle CISSP With CCSP If You Are Cloud-Focused
CISSP and CCSP share significant domain overlap. Candidates who prepare for both simultaneously often find that CISSP preparation covers a substantial portion of CCSP content, reducing the incremental cost of a second credential. Our CISSP vs. other certs analysis covers how to sequence credentials efficiently.
5. Accumulate Free CPEs Proactively
Do not wait until year 3 of your recertification cycle to chase CPE credits. ISC2 offers free webinars throughout the year that count toward your CPE requirement. Staying current with free CPE activities reduces the likelihood of needing to purchase a course simply to meet your annual minimums under deadline pressure.
FAQ: CISSP Exam Cost in 2026
How much does the CISSP exam cost in 2026?
The ISC2 CISSP exam registration fee is $699 USD. This covers a single exam attempt. The realistic all-in cost of getting certified — including study materials, the first year’s Annual Maintenance Fee ($125), and a contingency for a possible retake — runs between $900 and $2,500 depending on how you prepare.
What is the CISSP Annual Maintenance Fee?
The Annual Maintenance Fee (AMF) is $125 per year, due on your certification anniversary. It is required to keep your CISSP active and in good standing. Over a standard 3-year recertification cycle, that is $375 in AMF costs in addition to any CPE activity expenses.
What happens if I fail and need to retake the CISSP?
A retake costs the same $699 as the original attempt. ISC2 requires a 30-day wait after the first failure, 90 days after the second, and 180 days after the third. You may take the exam a maximum of four times in any rolling 12-month period. Always verify the current retake policy on ISC2.org, as terms may change.
Is the CISSP exam fee refundable?
Generally no — the exam fee is non-refundable once your exam window is scheduled. ISC2 allows rescheduling with sufficient advance notice without penalty, but late cancellations and no-shows typically result in forfeiture of the fee. Check ISC2’s current cancellation policy before booking.
Can my employer pay for the CISSP exam?
Yes, and it is more achievable than most candidates assume. Frame the request around business value — compliance requirements, client demands, reduced turnover — rather than personal career development. Ask before annual budget cycles close, and negotiate for the exam fee, study materials, and AMF in a single conversation rather than making multiple requests.