My certificates

ISC2 CISSP

Certificate requirements

Work experience

Minimum five years cumulative paid work experience in two or more of the eight domains of the CISSP CBK:

  1. Security and Risk Management
  2. Asset Security
  3. Security Architecture and Engineering
  4. Communication and Network Security
  5. Identity and Access Management (IAM)
  6. Security Assessment and Testing
  7. Security Operations
  8. Software Development Security
Exam
  • 3 hours
  • 100 – 150 multiple choice questions
  • 700 out of 1000 points to pass
Maintenance
  • 120 CPEs over each 3-year cycle
  • Annual maintenance fee
Other

Commit fully to the ISC2 Code of Ethics

Certificate verification

Click here to verify my CISSP certificate

Last Name: Sponås
ID Number: 745502


ISC2 CCSP

Certificate requirements

Work experience

ISC2's CISSP credential can be substituted for the entire CCSP experience requirement.

Valid experience includes information systems security-related work performed in a cloud computing environment, or work that requires cloud security knowledge and involves direct application of that knowledge. Experience must fall within one or more of the six domains of the ISC2 CCSP CBK:

  1. Cloud Concepts, Architecture and Design
  2. Cloud Data Security
  3. Cloud Platform & Infrastructure Security
  4. Cloud Application Security
  5. Cloud Security Operations
  6. Legal, Risk and Compliance
Exam
  • 3 hours
  • 125 multiple choice questions
  • 700 out of 1000 points to pass
Maintenance
  • 90 CPEs over each 3-year cycle
  • Annual maintenance fee
Other

Commit fully to the ISC2 Code of Ethics

Certificate verification

Click here to verify my CCSP certificate

Last Name: Sponås
ID Number: 745502


Certified Information Security Manager

Certificate requirements

Work experience

A minimum of 5 years of professional information security management work experience – as described in the CISM job practice areas – is required for certification. The work experience for CISM certification must be gained within the 10-year period preceding the application date for certification. Candidates have 5 years from the passing date to apply for certification.
Substitutions and waivers may be obtained for a maximum of 2 years as follows:

Two Years:

  • Certified Information Systems Auditor (CISA) in good standing
  • Certified Information Systems Security Professional (CISSP) in good standing
  • Post-graduate degree in information security or a related field (e.g., business administration, information systems, information assurance)

One Year:

  • One full year of information systems management experience
  • One full year of general security management experience
  • Skill-based security certifications (e.g., SANS Global Information Assurance Certification (GIAC), Microsoft Certified Systems Engineer (MCSE), CompTIA Security+, Disaster Recovery Institute Certified Business Continuity Professional (CBCP), ESL IT Security Manager)

The experience substitutions will not satisfy any portion of the 3-year information security management work experience requirement.

Exam
  • 4 hours
  • 150 questions
  • 450 out of 800 points to pass
Maintenance
  • 120 CPE hours over each 3-year cycle, minimum 20 hours each year
  • Annual maintenance fee
Other

Comply with ISACA’s Code of Professional Ethics

Certificate verification

Click here to verify my CISM certificate

Last Name: Sponås
Certification Number: 221975784


Microsoft 365 Certified: Security Administrator Associate

Certificate requirements

Exam
  • 700 out of 1000 points to pass
  • Skills measured:
    • Implement and manage identity and access (25-30%)
    • Implement and manage threat protection (30-35%)
    • Implement and manage information protection (15-20%)
    • Manage compliance in Microsoft 365 (20-25%)

Certificate verification

Click here to verify my Microsoft 365 Certified: Security Administrator Associate certificate


PECB ISO/IEC 27001 Lead Implementer

Certificate requirements

Work experience

Five years: Two years of work experience in Information Security Management

Exam
  • 3 hours (+30 minutes for non-native speakers)
  • 12 essay questions
  • 70% correct to pass

The exam covers the following competency domains:

  • Fundamental principles and concepts of an information security management system (ISMS)
  • Information security management system (ISMS)
  • Planning an ISMS implementation based on ISO/IEC 27001
  • Implementing an ISMS based on ISO/IEC 27001
  • Monitoring and measurement of an ISMS based on ISO/IEC 27001
  • Continual improvement of an ISMS based on ISO/IEC 27001
  • Preparing for an ISMS certification audit
Other

Signing the PECB Code of Ethics

Certificate verification

Click here to verify my PECB ISO/IEC 27001 Lead Implementer certificate

First Name: Jonas
Last Name: Sponås
Certification Number: ISLI1062438-2024-03


PECB NIS2 Directive Lead Implementer

Certificate requirements

Work experience

Five years: Two years in cybersecurity management

Exam
  • 3 hours (+30 minutes for non-native speakers)
  • 80 multiple choice questions
  • 70% correct to pass

The exam covers the following competency domains:

  • Fundamental concepts and definitions of NIS 2 Directive
  • Planning of NIS 2 Directive requirements implementation
  • Cybersecurity roles and responsibilities and risk management
  • Cybersecurity controls, incident management, and crisis management
  • Communication and awareness
  • Testing and monitoring of a cybersecurity program
Other

Signing the PECB Code of Ethics

Certificate verification

Click here to verify my PECB NIS 2 Directive Lead Implementer certificate

First Name: Jonas
Last Name: Sponås
Certification Number: NIS2LI1062438-2024-04