FAQs

A. About SISA Certifications:

1. Which SISA certification should I take up?

SISA has 4 premium forensics driven certification titles and each one will be an advantage to your career, if you are from the payment data security domain or Application development or Threat Hunting & Incident response domain. For those with other cyber security backgrounds, should take up these certifications as payment data security knowledge with its various form factors & newer technology advancement are widely being used across industries.

2. Where can I find the SISA certification track?

SISA certification track is as below:

CPISI –> CPISI Advanced
CPISI-D
CIDR

3. Who should take up SISA certifications?

SISA certifications prepare you for implementing the Payment Data Security requirements & Compliances and are highly recommended for security professionals, security analysts and higher management from industries such as: Payment Industry, Startups & companies using payment gateways, Service Providers, Banking & NBFCs, eCommerce & mCommerce merchants and retailers, IT & ITES.

4. What makes SISA certification credible?

As one of the first organizations to be certified by PCI SSC in 2006, SISA has been in the emerging payment data security domain since its inception. Being a PCI QSA company and core Payments Forensics Investigator (PFI), SISA Inc has delivered more than 400+ training workshops & have trained & certified over 10,000+ professionals through SISA Institute – a division of SISA specializing in creating unique certification programs that benchmark the knowledge and skills of information security professionals specific to the payment industry. SISA’s background and history have contributed immensely, helping organisations understand the need as well as lack of qualified experts specializing in safeguarding payment data. SISA is on a mission to identify these experts through their certification titles. Read more about SISA HERE.

5. Does SISA also provide trainings?

SISA Institute is a division of SISA Inc. which provides training and certification programs, both these services are independent of each other and as a learner you can opt for either or the full package of Training & Certifications. The individuals interested in enhancing their learning can enroll for SISA trainings and workshops, while those who are interested in challenging the exam and earning the SISA certification can proceed to apply for the same.

B. Exam Eligibility:

1. Where can I find the exam eligibility criteria?

The exam eligibility criteria for each of the certification title is unique and can be seen on the specific certification titled page HERE.

2. How long does the application process take?

Once you submit your application, you will hear from us – immediately. SISA’s certification department then will check your filled application form and respond to you within 2 working days. The process may take time if you have nominated an external party to verify your work experience and their response is pending.

3. Can I apply for more than one title in a single application form?

Yes, you may apply for more than 2 titles within the same application form, by selecting the title on the application form, however you will be verified for all the eligibility unique to each title.

4. Can I apply if I am a student and do not have any full-time work experience?

Yes, there is an option for those who may not have the relevant work experience to apply for the certification exam provided they have attended 16 hours of the relevant workshop.

5. What if my nominated verifier confirming my work experience does not respond?

It is recommended that you check and inform the verifier before nominating him so he can look out for verification requests coming in from SISA Institute.

6. How can I confirm my work experience if I am self-employed?

If you are self-employed, you have two options,

For those who own a business, a legal registration which showcases you as the owner and the nature of the business will suffice.
For those who are freelancers, you can nominate a client/ client you have consulted for who can confirm the work experience.

7. Can I reapply if my application is rejected? Do I need to wait for a specific period?

You can reapply whenever you think you are ready 6 months from the date of rejection.

8. Do I need to apply for eligibility if I already was certified before and I am looking for recertification?

Yes, all exam attempts will need to be applied for, however if you were certified by SISA Institute for the same title before you are considered eligible, and your application will be approved based on your previously held certification.

9. Does accepting my eligibility application mean I am certified?

Accepting the eligibility application means that you qualify to challenge the certification exam and will be certified only upon successfully passing the exam.

10. Is there an eligibility application fee? How can my organization pay for it?

Yes, there is an eligibility application fee, irrespective of the application decision that needs to be paid prior to the application verification, the eligibility application fee is a standard $50 which is non-refundable, and the payment can be made online by you or your organization. Once the payment is completed you are required to send the payment transaction details & identification to SISA’s certification department.

C. Exam Attempt:

1. How long is the exam?

The exam is 1 hour, which does not include the onboarding time. The slotted 1 hour is dedicated to answering the exam questions. The screen on the exam dashboard will display a timer.

2. How many and what kind of questions does the exam have?

The exam has 50 questions which are in multiple choice format (MCQ). You can check the exam blueprint available on the website to get an idea of the topics/ domains specific to the exam title.

3. Can I mark any question or go back to a previous question during the exam session?

The exam questions can be marked for review, you can go back and forth and change the answers during the exam session. The screen on the exam dashboard will display the question marked for review, questions answered vs those still need to be answered.

4. Where and when are the SISA exams available?

All SISA exams are available online and can be attempted from the convenience of your home at any time, you are required to follow the instruction and exam guidelines sent to you to set up your exam.

5. Are SISA certification exams open book?

No, SISA certification exams are not open book, all exams are proctored, and each session is recorded for surveillance audits.

6. Is there any identification involved for the exam session?

Yes, you must provide a government issued ID prior to the exam session.

7. Does the exam session permit breaks?

No, as the exam duration is limited to 1 hour only, the exam session does not permit breaks. The test-taker needs to be at his seat with no external communication/ breaks for the entire exam session.

8. Who can I reach out to if I face technical difficulties or get disconnected from my exam session.

In case of technical difficulties, SISA will provide with technical assistance. Your exam session progress is stored within the system and can be retrieved and continued in case of any disconnection.

9. Who will share my exam results and certificate with me.

The score transcript will appear on the exam screen once you have submitted the exam, or the exam session time is completed. The score transcript displays your exam performance and outcome. The certificate will be awarded within 3-5 working days once SISA’s certification department completes their surveillance an audit procedure.

10. How long is my exam access valid for?

Your exam access is valid for 10 days and the date of expiry will be mentioned along with your exam instructions. Test-takers are advised to complete their exam session during the provided window.

11. What if I am unable to complete my exam session in the allotted 10 days period?

Should there be an emergency and you are unable to complete your exam session in the allotted 10 days period you can reach out to SISA and request for an exam access extension with a valid reason for not completing the exam session, if your request is accepted you will be granted an extension of 7 days from the date the request is accepted to complete your exam. There is a service fee associated with this request and an extension request can only be accepted twice per exam session, beyond which you will need to pay a full exam access price. Request for exam access extension HERE.

12. What if my exam attempt is unsuccessful/ I fail the exam?

In an event where you fail the exam attempt, you can request for an exam retake, if your request is accepted you will be granted a new exam access valid for 10 days from the date the request is accepted to complete your exam retake. There will be a cooling/ separation period of 30 days between the exam attempts. There is a service fee associated with this request and the exam retake request can only be accepted twice per exam session, which means you have a total of 3 exam attempts, beyond which you will not be allowed to retake the exam again. Request for Exam Retake HERE.

13. Do I need to accept or agree to any terms and conditions prior to my exam attempt?

It is mandatory for every test-taker to accept and agree to the below terms and conditions on the exam portal prior to proceeding with the exam. The exam session will not initiate should you decide not to accept the terms and conditions listed.

14. Does SISA provide any exam preparation material that can be used?

SISA exams content is created in line with the exam blueprint published per exam title and no official exam preparation material has been released by SISA Institute that can be used. SISA Institute checks for exam eligibility prior to the exam and the exam access is granted only if SISA Institute believes that the test-taker has a fair chance at attempting the exam given the individuals learning and work experience related to the topics/ domains covered in the exam.

15. How are SISA exams created and maintained?

SISA Institute follows the best industry practices while preparing the certification exams. The exam content created by SISA institute is built to test the knowledge that the specific job title requires. The exam development process is governed by an independent body of experts such as the Advisory Council.

Industry research and information gathering is performed at the start of the exam development process. Once the Job-tasks/ topics are finalized, the exam blueprint is released.
Exam questions are designed in line with the exam blueprint topics to best assess the knowledge required by the job role.
The test structure is finalized, and test trials are conducted to check on the exam and question performance. Psychometric assessments are carried out to fix any errors on the test along with the cut score analysis to set the passing criteria before deployment.
All tests are checked for validity and fairness at set intervals. The test set up and delivery ensure no bias or added advantages to any specific exam session.

D. Certification:

1. Is there any other way of getting certified other than attempting the SISA exams?

There is no other alternative to earn the SISA certification other that attempting the SISA certification exam specific to the certification title.

2. How will I be receiving my certificate?

You will be notified once your certificate is ready, you can login to the exam portal to download/ print a copy of the same. SISA Institute does not provide hard copies of the certificate starting October 1st, 2022, as part of their GO GREEN initiative.

3. How long is the certification valid for?

The certification is valid for 3 years from date of issue, the issue and expiry dates are mentioned on the certificate awarded along with certification title and unique certification ID.

4. How can any 3rd party verify my certification validity?

SISA Institute provides an online verification link where your certificates can be validated by any 3rd party using your unique ID number, should you require a formal letter to be sent to a 3rd party you can raise this request with SISA Institute and information about and limited to your certification will be sent out the nominated recipient. Request for Information Release HERE.

5. Can I request for a single certificate for all the certification titles earned?

No, each unique title carries an individual certificate and a unique certification ID.

6. How can I retrieve my certification validity once it is expired?

Our exams are refreshed based on the current industry requirements for all our certification titles. Upon expiry of your certification, you can request for recertification by attempting the current exam specific to the exam title at a discounted price. As you would be applying for recertification, you are already eligible for the latest version of the exam. There is no alternative method to earn the certification other than attempting the latest version of the exam.

7. How can I ensure that the information shared SISA Institute will be secure?

SISA Institute does not store sensitive information such ID cards and recording of exam session beyond 4 weeks. Only application/ request/ survey/ forms, email communication and exam performance/s outcomes are stored by SISA Institute in line with the best industry data storage and security practices. In addition, SISA institute does not share any information about individuals with any 3rd party. Only information related to the certification status is released, provided there is a written consent by the individual along with the specific details or the recipient.

8. Can I used SISA titles and trademarks to showcase my certifications online or in my resume?

Yes, you can share your earned certificate online as well as use the logos of the titles specific to the certification you may have earned in line with the logo usage guidelines published on the website.

9. In which cases can my certification be rejected or revoked?

SISA specifies the requirement and terms at each stage of your certification journey, however certification can be rejected or revoked based on the below:

You do not meet the eligibility criteria defined by SISA Institute for the specific title
You have presented incorrect or misrepresented information shared with SISA Institute
Your exam attempt is flagged based on reasonable evidence of cheating/ misconduct
You have violated the non-disclosure/ privacy/ security terms agreed to prior to the exam
You have misrepresented your SISA Institute certifications or their scope
You have made any incorrect claims related to your relationship with SISA Institute
You have a reported violation of ethics filed against you that has been proven

10. Will I receive any special benefits as a certified member?

As a certified member of SISA Institute, you have the below benefits:

You can choose to be part of special task force database; this database is a list of security professionals who have expertise and experience within the payment data security industry and are contacted for projects and work opportunities that are inline with their skillset and certifications held with SISA.
You can volunteer as a Subject Matter Expert for SISA Institute and be a part of projects and activities related to the certification scheme development.
You will be first to know and receive invitation to SISA’s valued workshops and events that are focused on the latest security trends in the payment data security industry.
You will be a part of a closed group of SISA certified experts who share knowledge and discuss topics that are of interest to those who are keen to accelerate their career growth in the payment data security space.

E. Appeals & Complaints:

1. What kind of cases/requests qualify as an appeal?

To ensure that both the individual and the certification department work together through the certification journey and all decision made by the certification department are fair and transparent, SISA Institute has provided a mechanism where an individual can appeal against any decision made by the certification department limited to the certification scheme/ process that he is not in agreement with. The certification department will reconsider the decision and escalate the appeal request to the advisory council for a resolution if no consensus is met along with any supporting information collected that can help in decision making. The Advisory Council functions as an independent body and looks at all appeal presented objectively with no bias or prejudice; the Advisory Council’s decision is considered final. Submit Appeal HERE.

2. How are Complaints handled by SISA Institute?

SISA intends to support all individuals throughout their certification journey, however if there is an event where any individual faces an unpleasant experience related to any communication/action by any internal/external party associated with SISA Institute through the certification journey may report a compliant. The case will be looked at sensitively by SISA’s certification department with an intention to resolve the matter at hand in a timely manner. Submit Complaint HERE.

F. Feedback/ Support/ Updates:

1. How can I submit feedback to SISA Institute?

SISA Institute values feedback and believes in continuous improvement. Those individuals keen to help SISA Institute improve can share their feedback with SISA Institute. SISA Institute will ensure that the feedback is looked at and acted upon if relevant to the improvement and reputation of the certification scheme. Submit Feedback HERE.

2. How can I reach out to SISA Institute if I have more questions?

SISA Institute is happy to assist you. We encourage you to reach out to our certification department in case you have any questions, doubts or need specific information that will make the certification journey easy in anyway. Request Support HERE.

3. How will I know if the certification criteria or scheme has been modified?

SISA Institute will put up a public announcement 30 days prior to any changes in the policy/ process that impacts any area of the certification scheme. Check Announcement HERE.

SISA is a global forensics-driven cybersecurity solutions company, trusted by leading organizations for securing their businesses with robust preventive, detective, and corrective cybersecurity solutions. Our problem-first, human-centric approach helps businesses strengthen their cybersecurity posture.

Industry recognition by CREST, CERT-In and PCI SSC serves as a testament to our skill, knowledge, and competence.

We apply the power of forensic intelligence and advanced technology to offer true security to 2,000+ customers in 40+ countries.