Progressing through the CvCISO levels is dependent upon training, experience, and collaboration with others in the CvCISO community.


Different CvCISOs can do different things for their clients in different situations. In the initial iteration of the CvCISO®  certification, there are four certification levels and one specialty certification: Level 1, Level 2, Level 3, and Expert. The Mentor designation is the certification specialty.

Certification means that the CvCISO®  has demonstrated they can fulfill the requirements necessary to perform the role well. Certification does not offer a guarantee that the CvCISO®  will perform the role well (a benefit that comes from the CvCISO®  community).

CvCISO program levels of vciso certification
Overview of the CvCISO® Program Levels

Requirements (All levels)

All CvCISO®  certifications have the following minimum requirements:

  • Attend the SecurityStudio Certified virtual Chief Information Security Officer Course (CvCISO-1), including all classes.
  • Complete all assignments from CvCISO-1
  • Complete all quizzes in CvCISO-1
  • Pass the SecurityStudio Certified virtual Chief Information Security Officer (CvCISO) exam.
  • Maintain good standing within the CvCISO Community

Additional requirements for each CvCISO®  Level are summarized in the table below:

vciso training levels flowchart

CvCISO Level 1

Level 1 is where the CvCISO journey starts. There are no additional experience requirements for CvCISO®  Level 1; however, there are some restrictions on the work that should be permitted to perform. A CvCISO®  Level 1 should NOT be permitted to lead vCISO work for any client, they should always work alongside or under the tutelage of a CvCISO®  Mentor.

A CvCISO®  Level 1 can progress to CvCISO®  Level 2 once they have met the additional requirements for CvCISO®  Level 2.

  • No Experience Requirements
  • Limited Engagement – Must Work with Mentor

CvCISO Level 2

The additional experience requirements for CvCISO®  Level 2 ensure that they can serve small organizations (up to 100 employees) without the need for a Mentor.

CvCISO®  Level 2 is a mid-level vCISO®  who should be able to manage information security in less complex environments and with customers who have minimally mature information security programs.

The experiential requirements for CvCISO®  Level 2 are:

  • 1 year information security experience.
  • 3 previous vCISO engagements.
  • 6 months (.5 years) vCISO/CISO experience (w/Mentor is acceptable)

The primary purpose for CvCISO®  Level 1 and Level 2 is to introduce new people into the information security industry and help them progress in their vCISO work.

  • Minimum Experience Requirements
  • Limited Engagement – Small Organizations

CvCISO Level 3

Level 3 CvCISOs can work as a vCISO in all organizations; however, there are some additional training and experience requirements.

The experiential requirements for CvCISO®  Level 3 are in line with those of a Certified Information Systems Security Professional (CISSP®); however, the CvCISO®  Level 3 certification holder must also have previous vCISO experience.

Additional required training:

  • Information Security in Complex Environments Course (CvCISO-E)
  • Information Security Communications Course (CvCISO-C)
  • Information Security Budget Justification Course (CvCISO-B)

The experiential requirements for CvCISO® Level 3 are:

  • 5 years information security experience;
  • 2 years managing infosec projects;
  • 5 previous vCISO engagements and/or;
  • 2 years vCISO/CISO experience

Note: A person who successfully completes the CvCISO-1 Course, passes the CvCISO-1 exam, and possesses the necessary experience for Level 3 or Level 4

A person certified at Level 3 should be fully capable and qualified to serve as a vCISO in complex environments across industry verticals.

  • Additional Training Required
  • Mid-Level Experience Requirements
  • Unlimited Engagement
  • Qualifies to become CvCISO®  Mentor

CvCISO Level Expert

The most prestigious CvCISO®  certification level, a CvCISO®  Expert is truly an expert and has achieved a great accomplishment. CvCISO®  Experts are fully capable of helping the largest and most complex organizations, but they are also an extremely important part of our CvCISO®  community. A CvCISO®  Expert is esteemed and gives back to the community by being an active participant in the CvCISO®  program.

To become a CvCISO®  Expert, all the requirements for CvCISO®  Level 3 must be met, and the certification holder must complete the CvCISO®  Expert Interview. The CvCISO®  Expert Interview is a structured interview with other CvCISO®  Experts.

The experiential requirements for CvCISO®  Expert are:

  • 10 years information security experience.
  • 5 years management experience.
  • 10 previous vCISO engagements.
  • 3 years vCISO/CISO experience.

CvCISO®  Experts ultimately become the people who run the SecurityStudio Certified virtual Chief Information Security Officer (CvCISO® ) Program.

  • Additional Training Required
  • CvCISO Expert Interview Required
  • Expert Experience Requirements
  • Unlimited Engagement
  • Lead Direction of CvCISO Program

CvCISO Level Mentor

CvCISO®  Mentors are extremely capable vCISOs, but also possess the skills and desire necessary to mentor other vCISOs. CvCISO®  Mentors often work for organizations who are building and maintaining their own group of vCISOs.

Anyone can mentor a CvCISO® , but the CvCISO®  Mentor designation demonstrates that the certification holder is committed and credible to this important task.

To earn the CvCISO®  Mentor designation, a person must be CvCISO®  Level 3 (or higher) and successfully complete the Information Security Mentorship Course (CvCISO-M).

  • Additional Training Required
  • Mid-Level Experience Requirements
  • Unlimited Engagement
  • Mentors for CvCISO®  Level 1 and 2

Other courses

View all
CvCISO Badge

Managing Information Security in Complex Environments (CvCISO-E)

The CvCISO-E course by SecurityStudio equips information security leaders to secure complex environments effectively. It teaches that with the right approach and support, these challenges are manageable, moving away from traditional methods that often lead to failure.

View Course
CvCISO Badge
October 2024

CvCISO-1 Foundation Course

Oct 8, 2024

Dec 19, 2024

The official curriculum for all levels of the SecurityStudio Certified virtual Chief Information Security Officer (CvCISO®) certification. SecurityStudio's CvCISO® certification sets the first universal standard for vCISO excellence.

View Course
Stay up to date with our latest programs, courses and lessons

Subscribe to stay informed.