CISSP-ISSEP · Question #90
Which of the following certification levels requires the completion of the minimum security checklist, and the system user or an independent certifier can complete the checklist?
The correct answer is C. CL 1. CL 1 (Certification Level 1) is the entry-level certification that requires only the minimum security checklist - and crucially, it allows flexibility in who completes it: either the system user (self-assessment) or an independent certifier. This makes it the least restrictive op
Question
Which of the following certification levels requires the completion of the minimum security checklist, and the system user or an independent certifier can complete the checklist?
Options
- ACL 2
- BCL 3
- CCL 1
- DCL 4
How the community answered
(30 responses)- B3% (1)
- C90% (27)
- D7% (2)
Explanation
CL 1 (Certification Level 1) is the entry-level certification that requires only the minimum security checklist - and crucially, it allows flexibility in who completes it: either the system user (self-assessment) or an independent certifier. This makes it the least restrictive option in terms of both scope and assessor requirements.
Why the distractors are wrong:
- CL 2 requires a more rigorous assessment and mandates an independent certifier - the system user alone cannot complete it.
- CL 3 demands an even higher level of scrutiny, requiring a qualified/accredited independent certifier, far beyond a minimum checklist.
- CL 4 is the most stringent level, involving formal accreditation processes well above a basic checklist.
Memory tip: Think of CL 1 as "Level 1 = lightest lift" - it's the minimum effort (minimum checklist) with maximum flexibility on who can do it (user or certifier). As the number goes up, both the rigor and the independence requirements increase. The "1 = self-service allowed" rule helps distinguish it from all higher levels.
Topics
Community Discussion
No community discussion yet for this question.