Certified Security Compliance Specialist™ (CSCS™)

A 2-Day Instructor-Led Security Compliance Program

The complete two-day CSCS™ program is of value to compliance professionals and managers, security officers, security practitioners, privacy officers and senior IT professionals.

The course fee includes the Certified Security Compliance Specialist™ (CSCS™) training manual, which will be provided on the first day of class. Also included are continental breakfast, lunch and snacks during the training days.

The training program includes Quick Reference Cards (QRC) to support the materials provided for the course.

Target Audience

Compliance professionals and managers, information security officers, security practitioners, privacy officers, internal compliance auditors and senior IT professionals.


The CSCS™ Exam

The CSCS™ exam is delivered at the conclusion of the instructor-led 2-day program. The exam validates knowledge and skill sets in information security for the legislations, standards and frameworks delivered in class.

The exam comprises two parts: a practical session, during which students work together in groups to solve real-world problems using the skills learned on day 1, and a multiple-choice paper exam.

In the practical session, students will be divided into groups and given scenarios to solve, including evidence of real world issues such as information security breaches and regulatory noncompliance. The session is open book and students are encouraged to bring their own knowledge & experience to enhance the group performance as well as using research and collaboration skills to achieve the best results.

The practical session accounts for 25% of the overall exam score and will be marked in “real-time” during the group presentations. These scores will be pre-entered on the multiple-choice paper so that each student knows what they have to achieve from the second part of the exam.

The multiple-choice paper consists of 60 questions; time allowed: 60 minutes.

Examination Areas

Percentage of Exam

US National and State Standards (FISMA, NIST, State Regulations)


International Standards (ISO 27001, PIP, PIPEDA, DPA)


Business Regulations (PCI DSS, SOC2)


Healthcare Regulations (HIPAA, HITECH, ISO 27799)


Cyber Security Strategy (Risk Analysis and Management, Business Impact Analysis, Business Continuity Planning)





Scores from the practical and multiple-choice exams are added together. To achieve CSCS™ certification, students must achieve an overall score of 75% or more.


CSCS™ exam questions are developed with the intent of measuring and testing practical knowledge and application of general concepts and standards in the area of regulatory compliance and information security. Every CSCS™ exam question has a stem (question) and five options (answer choices). The candidate is asked to choose the correct or best answer from the options. The stem may be in the form of a question or incomplete statement. In some instances, a scenario or description problem may be included.


Course Outline

Module 1: Introduction 

  • State of Security
  • US Requirements
    • SOC2


Module 2: PCI DSS 

  • Objective
  • Control Objectives
  • Defined Requirements
  • Critical References 


Module 3: Healthcare Information Security

  • Healthcare Security Challenges
  • HIPAA Security & HITECH Legislations
  • Administrative Safeguards
  • Physical Safeguards
  • Technical Safeguards
  • ISO 27799 Standard


Module 4: ISO 27000

  • Introduction to ISO 27000
    • Information Security Management Systems


Module 5: ISO 27001

  • Introduction to ISO 27001
    • Security Domains


Module 6: ISO 27002

  • ISO 27002 Standard
  • Scope
  • Key Clauses, Categories and Controls
    • Definition
    • Requirements 


Module 7: U.S. Federal & State Regulations

  • California's SB 1386 and SB 541
  • California's AB 1950, AB 1298, and AB 211
  • Nevada's 597.970
  • Massachusetts's 201 CMR 17.00
  • Data Breach Challenges
  • Encryption Requirements


Module 8: NIST Standards & Guidance

  • Objective
  • Special Publications
  • Key Guidance References


Module 9: Business Continuity Planning (BCP)

  • Definition and Scope
  • Components of a Contingency Plan
    • Disaster Recovery Plan
    • Emergency Mode Operation Plan
  • Classification of Information
  • Classification of Threats
  • Types of Alternate Sites
  • Getting Started


Module 10: Cyber Security Strategy

  • What is your Security Strategy?
  • Enterprise Security Methodology
  • Risk Analysis
  • Getting Started


Case Study: Risk Analysis

Examine compliance mandates for risk analysis. Analyze how to conduct a comprehensive and thorough risk analysis to identify compliance and security deficiencies. Walk through core components of the resulting Corrective Action Plan (CAP) – your roadmap for enabling a more resilient enterprise.


Case Study: ISO 27001 Certification

Effective communication at all stages is vital to the success of the ISMS and achieving conformance/certification.


Case Study: Conducting a Business Impact Analysis (BIA)

Step through key activities that organizations must conduct to complete a comprehensive Business Impact Analysis (BIA). Understand critical processes for a BIA initiative and identify areas that must be addressed in a BIA Report.


Case Study: Anatomy of a Policy

Understand the key components of a well written information security policy. Review sample policy types and organization.


Fast Track for CISSP/Security +/SCNA

The fast track is available only for CSCS™ students that attend Instructor Led Training. ecfirst recognizes the breadth of security content that must be mastered to attain certain security credentials. Fast Track for the CSCS™ class means if you have another security credential, such as CISSP or Security+, you will still need to take the class but you will not have to take the exam to get the CSCS™ credential. It will automatically be given once you send the documentation that you have another security credential.



For inquiries about this special event, please contact John Schelewitz at +1.480.663.3225

Format for CSCS: Online
Language for CSCS: English

  • Product Code: CSCS-CLASS
  • Availability: In Stock
  • $1,650.00
