How to Renew CISSP Certification in 2025
Your CISSP certification proves you have what it takes to lead in cybersecurity. But it doesn’t last forever. To keep it active, you need to renew it every three years. That means tracking your certification cycle, earning Continuing Professional Education (CPE) credits, paying annual fees, and staying compliant with ISC2’s Code of Ethics.
Letting your certification lapse doesn’t just put your title at risk. It could mean lost career opportunities, credibility, and access to industry benefits. This guide walks you through the full CISSP renewal process in 2025: what it costs, what to submit, and what to do if your status expires.
Pro Tips
According to ISC2, maintaining your CISSP gives you access to exclusive training discounts, global peer networking, and industry research. These benefits are funded directly by your annual fees and ongoing certification.
Does CISSP Certification Need Renewal?
Yes.
Your CISSP certification remains valid for three years, but only if you meet the ongoing renewal requirements. ISC2 designed this cycle to ensure every CISSP professional stays current in a rapidly changing cybersecurity landscape.
Threats, tools, and best practices in cybersecurity evolve constantly. ISC2 designed the three-year cycle not as a passive deadline but as a framework to encourage professionals to refine their expertise continuously. The renewal process acts as a quality assurance mechanism. It helps ensure that your skills and knowledge stay relevant and your certification retains its status as the gold standard.
Without renewal, the CISSP title could lose value due to outdated knowledge. Renewal ensures you maintain sharp technical and managerial skills and professional credibility.
Renewing also maintains your access to ISC2 resources, exclusive events, training discounts, and standing in the cybersecurity community. It shows your ongoing commitment to excellence, which employers and peers take seriously.
You can learn more about the complete breakdown of CISSP renewal steps and how to prepare effectively at Training Camp’s CISSP Certification Bootcamp.
Cost of CISSP Renewal
The CISSP renewal cost involves more than just earning CPE credits. You also take on clear financial responsibilities. The main cost you need to plan for is the Annual Maintenance Fee (AMF).
Annual Maintenance Fee (AMF)
| Certification Category | AMF (U.S. $) |
|---|---|
| CISSP, SSCP, CCSP, CGRC, CSSLP, ISSAP, ISSEP, ISSMP | $135 |
| CC (Certified in Cybersecurity – if held as sole certification) | $50 |
| Associates of ISC2 | $50 |
Table 1: ISC2 Annual Maintenance Fees (AMF) 2025
As of 2025, the CISSP certification renewal cost totals $405 over three years, based on the annual $135 maintenance fee. This fee is due each year on the anniversary of your certification date.
ISC2 positions the AMF not as a simple administrative charge, but as an investment in the certification itself. The fee funds member benefits like discounted training, free webinars, access to expert research, exam updates, and global advocacy for the cybersecurity profession.
You can pay the AMF via the ISC2 Dashboard using a credit card, PayPal, check, or wire transfer.
Key Insight
ISC2 charges the same $135 AMF whether you hold one certification or several. You only pay once each year, on the anniversary of your earliest certification date. If you miss a payment and don’t make it up within 90 days, your certification will be suspended until you resolve it.
What if you let it lapse?
If your certification expires, you’ll need to pay the full exam fee (currently $749), submit a new endorsement, and meet all eligibility requirements again. You’ll go through the process like a first-time candidate.
How to Renew Your CISSP Certification
CISSP renewal isn’t a one-time task. It’s a three-year process that calls for steady progress and attention to deadlines. Here’s how to stay on track:
Track Your Certification Cycle
Start by checking your certification anniversary in your ISC2 member dashboard. This date sets your timeline for all renewal requirements, including CPE submissions and AMF payments.
Pay Your Annual Maintenance Fee (AMF)
Pay $135 each year on your certification anniversary. If you hold multiple ISC2 certifications, you still pay only once annually. This is one of the core CISSP renewal requirements to stay in good standing.
Earn and Submit 120 CPE Credits
You must earn 120 Continuing Professional Education (CPE) credits across three years. At least 90 of them must fall under Group A (domain-specific activities). Submit your credits through the ISC2 portal, and keep documentation for audits.
Stick to the Code of Ethics
As part of CISSP renewal, you must reaffirm your commitment to the ISC2 Code of Ethics. Violations can lead to suspension or revocation, even if you meet all other renewal criteria.
Pro Tip
ISC2 recommends earning 40 CPEs each year: 30 Group A and 10 Group A or B. Spacing them out makes the process more manageable and prevents last-minute stress.
How to Earn CPE Credits
CISSP CPE credits are the backbone of your CISSP renewal. You need 120 total credits across three years, with at least 90 in Group A (domain-specific to cybersecurity). The remaining 30 can come from Group A or Group B (general professional development). You can find the full rules and credit breakdowns in the official ISC2 CPE Handbook.
Group A CPEs focus on topics directly tied to the CISSP Common Body of Knowledge (CBK) and are a core part of CISSP CPE requirements. These include:
Attending cybersecurity webinars, courses, or conferences
Writing or publishing security-related content
Teaching security topics or preparing new training material
Volunteering in a cybersecurity-related role
Completing unique work projects outside your normal duties
Group B CPEs support broader skill development. These might include:
Leadership or management training
Public speaking courses
Business strategy or communication workshops
Tracking and Submitting CPEs
Log all your CPEs in the ISC2 portal. Be ready to upload proof such as completion certificates, summaries of reading, or links to published work. CPEs can be reported in 0.25, 0.5, or full-hour increments.
CPE Caps and Guidelines
To encourage a diverse range of learning experiences and maintain the integrity of the CPE program, ISC2 has established specific limits and maximum credit values for certain types of activities. These ensure that professionals do not rely excessively on a single method for earning credits and that claimed activities involve a substantive level of engagement. The following table, based on the ISC2 CPE Handbook, outlines some common activities and their associated CPE values and limits.
| Activity Type | Group | CPEs Awarded | Specific Requirements/Limits |
|---|---|---|---|
| Reading Books (related to CISSP domains) | A | 5 CPEs per book | Requires a 250-word description submitted with the claim. |
| Reading Magazines (issues related to CISSP domains) | A | 5 CPEs per magazine issue | Requires a 250-word description submitted with the claim. |
| Reading White Papers (related to CISSP domains) | A | 1 CPE per paper | Requires a 250-word description submitted with the claim. |
| Authoring Books | A | 40 CPEs (author), 20 CPEs (co-author), 10 CPEs (editor) | Per book. |
| Authoring Articles | A | 20 CPEs (author), 10 CPEs (co-author), 5 CPEs (editor) | Per article. |
| Authoring Chapters in Books | A | 20 CPEs (author), 10 CPEs (co-author), 5 CPEs (editor) | Per chapter. |
| Authoring Professional Blogs | A | 10 CPEs (author), 5 CPEs (co-author), 2 CPEs (editor) | Per blog post. |
| Authoring White Papers | A | 10 CPEs (author), 5 CPEs (co-author), 2 CPEs (editor) | Per white paper. |
| Preparing New/Updating Training Materials | A | 1-day course: 2 CPEs; 2-day course: 5 CPEs; 5- to 7-day course: 10 CPEs; Semester (12+ weeks): 20 CPEs | Credits for preparation time. |
| Unique Work Experience (outside normal duties) | A | Up to 10 CPEs per unique project/assignment | Must be a distinct project, not routine job tasks. |
| ISC2 Safe and Secure Online Presentations | A | 10 CPEs (one-time after 2 presentations), then 1 CPE per additional presentation | |
| General Maximum per Single Entry | A or B | Generally, should not exceed 40 CPEs | For self-directed learning or contributions to the profession, some specific activities (like authoring a book) have higher caps. |
Table 2: CPE Credit Values and Limits for Common Activities (Based on ISC2 CPE Handbook)
These limitations, particularly the requirement for descriptive summaries for reading activities, add a layer of accountability and ensure genuine engagement with the educational material.
Rollover Credits
Earn extra? You can roll over up to 40 Group A CPEs to your next cycle, but only if you earn them within the final six months of your current cycle.
Key Insight
According to ISC2, failing to earn and submit all 120 CPEs within your three-year cycle will result in suspension or expiration of your certification. There is no shortcut—CPEs are non-negotiable.
How to Renew CISSP Without CPE Credits
The short answer: you can’t.
As confirmed by multiple sources, there are no exceptions.
ISC2 does not allow CISSP holders to renew their certification without completing the required Continuing Professional Education (CPE) credits. CPEs are non-negotiable and form the foundation of the renewal process.
If you reach the end of your three-year cycle without submitting 120 CPEs, your certification status moves into suspension. You then have a 90-day grace period to catch up. Use that time to submit missing credits and pay any overdue fees. During this suspension, you lose the right to use the CISSP title.
If you still don’t meet the requirements within that grace period, your certification expires. At that point, your only option is to start over: retake the full CISSP exam, pay the full exam fee (currently $749), and go through the endorsement process again.
There’s no fast track, no appeal, and no CPE waiver. ISC2’s stance is clear. Ongoing education is essential to maintaining the integrity and value of the CISSP credential.
What If Your CISSP Status Expires?
Letting your CISSP certification lapse comes with real consequences. Once your certification expires, you lose your status, your right to use the CISSP title, and your access to all ISC2 member benefits. There are three official outcomes when you fail to meet renewal requirements: suspension, expiration, or revocation.
Suspension
If you don’t meet CPE or AMF requirements by the end of your cycle, your certification enters a 90-day suspension. During this window, you must resolve all outstanding requirements. If you do, your status returns to active with no permanent penalty.
Expiration
Miss the 90-day grace period, and your certification expires. To become certified again, you must retake and pass the CISSP exam, meet eligibility criteria, pay the full fee, and submit a new endorsement, as if applying from scratch.
Revocation
This is the most severe outcome. It typically results from ethics violations, falsified records, or repeated non-compliance. Revoked certifications are permanently terminated and may be publicly listed.
For deeper insights into expiration and revocation scenarios, this CISSP certification lifecycle breakdown outlines what to expect.
| Feature | Suspension | Expiration | Revocation |
|---|---|---|---|
| Typical Reason | Failure to meet AMF/CPE by the cycle end date. | Failure to rectify deficiencies during the 90-day suspension period. | Serious ethical violations, fraud, repeated non-compliance, failure to comply with the audit, and criminal conviction. |
| Duration/Permanence | Temporary; typically 90 days to rectify. | Credential becomes invalid; permanent unless fully recertified as a new candidate. | Permanent loss of certification, though an appeal process exists. |
| Right to Use Mark | Temporarily lost. | Lost; no longer certified. | Permanently lost. |
| Path to Active Status | Correct all deficiencies (e.g., pay AMF, submit CPEs) within 90 days. | Retake and pass the CISSP exam, obtain a new endorsement, and pay all associated fees (full reapplication). | Appeal decision within 90 days. If the appeal fails or is not pursued, you may need to reapply as a new candidate (exam, endorsement, fees), subject to ISC2 approval, potentially with additional conditions/waiting periods. |
| Key Implications | Final warning; opportunity to restore active status without permanent penalty if compliant within the grace period. | Complete reset of certification process; previous CPEs nullified; significant time and financial cost for re-certification. | Most severe consequence: loss of all certification privileges; potential public listing; signifies serious breach of professional standards. |
Table 3: Comparison of CISSP Status: Suspension, Expiration, and Revocation
Key Insight
If your certification expires or is revoked, you’ll need to go through the entire CISSP process again. That includes passing the exam, proving your work experience, and getting endorsed. Previous CPEs won’t carry over.
Avoid these setbacks by monitoring your AMFs, earning CPEs steadily, and checking your status in the ISC2 dashboard regularly.
Back Your Credentials with Action
Let’s be honest, CISSP renewal takes work.
Tracking deadlines, earning CPEs, and staying sharp in a fast-moving field. But that effort is exactly what sets you apart. It shows you’re committed to leading, not just keeping up.
Need to recertify or sharpen your exam readiness? Training Camp’s CISSP Certification Bootcamp expert-led courses cover every domain, reinforce your knowledge, and get you exam-ready faster.
