ProfessionalVendor-neutralTeleTrusT· issued from DE

T.I.S.P.

TeleTrusT Information Security Professional

High-quality German professional certification for IT security, supported by Bundesverband IT-Sicherheit (TeleTrusT). Examination by DAkkS-accredited bodies (DEKRA, PersCert TÜV). 180 questions in 4 hours, exclusively in German. Covers network security, cryptography, security management (ISO 27001, BSI IT-Grundschutz), IT law (DSGVO/GDPR, NIS-2), and system security. Particularly relevant in government agencies, KRITIS environments, and regulated German enterprises. Not internationally recognized, but a clear quality indicator in Germany. Since 2004, over 2,400 graduates.

Official page at TeleTrusT ↔ Compare with another cert

Exam fee

$389

Ongoing

$0/yr AMF · 20 CPE/yr

Study time

80–160 hrs

Delivery

—

Validity

3 yrs (renewal cycle)

› Quality score

25.5 / 40

Four-axis SecProve rubric, each 0–10. SecProve editorial assessment — each axis carries a written justification so you can push back on any single call without dismissing the whole score.

Blueprint rigor

How well-defined and rigorous the exam blueprint is.

TeleTrusT Information Security Professional — DACH-focused ECO covering BSI / ISO 27001.

8.0/10

Practical evidence

Hands-on labs / written reports vs pure MCQ.

Multi-day course with case-study exam.

4.5/10

Currency & upkeep

How aggressively content is kept current with the field.

Refreshed alongside German cybersecurity-law evolution.

7.5/10

Market recognition

How often this signal actually moves a hiring decision.

Default DACH security-mgr credential outside ISO-pure shops.

5.5/10

› Market signals

public, citable inputs to the recognition score

Default DACH security-management credential outside ISO-pure shops.

› Built for these roles

IT Security OfficersISMS ManagersSecurity Consultants (DACH)KRITIS PersonnelIT Auditors

› Exam format

180 multiple-choice questions, 4 hours, closed-book, passing score 70% (126 of 180). Examination by DEKRA Certification GmbH.

› Recertification

Valid for 3 years, recertification by year 4 at the latest. No re-examination. Evidence required: activity description, min. 1 T.I.S.P. Community Meeting, 20h training/year. Review by DEKRA.

› NICE Framework work roles

The NIST NICE work-role IDs this cert maps to. NICCS lookup.

OG-WRL-002OG-WRL-012OG-WRL-014IO-WRL-006OG-WRL-007OG-WRL-008PD-WRL-003DD-WRL-001OG-WRL-001OG-WRL-016

Recognition

DACH

Exam languages

› Core domains covered

The 2 domains this cert is centrally about. Passing the exam demonstrates working knowledge of each.

A1Governance, Risk & Compliance

Risk frameworks (NIST RMF, ISO 31000, FAIR), policy development, audit, regulatory compliance, third-party risk.

A18Security Leadership

Cyber risk quantification, board communication, security program development, budget & ROI.

› Prerequisites

Experience

Five-day preparation course at an accredited training provider (e.g., Fraunhofer SIT, secuvera) is mandatory admission requirement.

See this cert’s domains highlighted on the interactive map, or compare it against the rest of the catalog.

Highlight on the domain map Browse all certifications