
Certified Information Security Officer – Financial Services

Learn, understand, collaborate, and test your information security knowledge of financial institution regulations, standards, and guidance by becoming a Certified Information Security Officer – Financial Services (CISO-FS).

Earn a CISO-FS certification from the CNX Institute and show your knowledge, experience and skills. A CISO-FS certification will allow you to:

  • Validate your knowledge and understanding of information security regulations, guidance, and standards as they apply to financial institutions, such as banks, credit unions, trust companies, and savings associations.
  • Demonstrate competence to be a financial institution Information Security Officer.
  • Access training webinars and resources to help you understand regulations that are appropriate for your industry.
  • Gain the confidence necessary to implement and/or support your organization’s information security measures.

What content does the certification exam cover?

The CISO-FS Certification Exam consists of 100 multiple-choice questions organized by domain. Results are presented as an overall score, as well as scores broken out by domain. The per-domain scores are intended to help candidates know which domains might need improvement.

Domain and knowledge areas coverage:

Knowledge areas:

  • Regulatory Oversight
  • U.S. Laws, Regulations, and Guidance
  • Other Standards and Guidance

Knowledge areas:

  • Roles and Responsibilities
  • Governance
  • Risk Management
  • Information Security Program
  • Development and Acquisition
  • Cybersecurity

Knowledge areas:

  • Roles and Responsibilities
  • Planning
  • Risk Management
  • Business Impact Analysis (BIA)
  • Facilities and Technology
  • Testing and Training
  • Incident Response

Knowledge areas:

  • Planning and Risk Assessment
  • Due Diligence and Selection
  • Contract Structuring and Review
  • Oversight and Monitoring
  • Termination and Continuity

Knowledge areas:

  • Asset Management
  • Data Management
  • Physical Controls
  • Logical Controls
  • Technology Design
  • Monitoring
  • Cybersecurity

Knowledge areas:

  • Roles and Responsibilities
  • Planning
  • Risk-Based Auditing
  • Types of Testing
  • Independence
  • Reporting

  • Information Security Terms and Definitions
