Skip to content

Services, Wiki-Artikel und Blog-Beiträge durchsuchen

↑↓NavigierenEnterÖffnenESCSchließen
DEKRA-certified TeleTrusT-recognised

T.I.S.P. Certificate - Training & Exam 2026

Europe's expert certificate for information security. 5-day online intensive course with DEKRA exam - hosted on German servers, no US-based providers.

What is T.I.S.P.?

The T.I.S.P. (TeleTrusT Information Security Professional) is Europe's counterpart to CISSP - covering the same 20 knowledge domains but with a focus on EU/DACH regulation: GDPR, NIS-2, ISO 27001, and BSI IT-Grundschutz. It is DEKRA-certified and recognised across the DACH region (Germany, Austria, Switzerland).

5 days / 40 teaching units
Max. 15 participants
DEKRA exam
Reserve Your Place View Curriculum

Next date: 04-08 May 2026 · Places available

T.I.S.P. - Europe's Expert Certificate for Information Security

The T.I.S.P. certificate (TeleTrusT Information Security Professional) is a recognised expert-level certificate in information security designed specifically for the European market. It accounts for the standards, frameworks, and legislation prevalent in Europe - unlike comparable international certifications such as CISSP.

As a T.I.S.P. certificate holder, you demonstrate your qualifications, skills, and knowledge across information security, security management, and IT security. The exam is administered by the independent certification body DEKRA.

Why T.I.S.P. instead of CISSP?

While CISSP (Certified Information Systems Security Professional) is oriented around US standards and legislation, T.I.S.P. covers the same 20 knowledge areas - but with a focus on European and German regulation: GDPR, NIS-2, BSI IT-Grundschutz, and ISO 27001. For professionals working in the DACH region, T.I.S.P. is therefore the more relevant and practice-oriented certification.

Your benefits

  • A recognised European expert certificate for information security - backed by the TeleTrusT association
  • DEKRA-certified qualification with independent exam administration
  • Access to the exclusive T.I.S.P. community with over 2,300 certified experts
  • 20 modules covering all relevant areas of information security
  • European and German legislation (GDPR, NIS-2, IT-SiG 2.0) at the forefront
  • Career-boosting: ISO, CISO, security consultant, auditor - T.I.S.P. opens doors
  • Optimised group size for maximum learning success (max. 15 participants)

AWARE7 on the T.I.S.P. Board - Inside knowledge for your preparation

Chris Wojzechowski, Managing Director of AWARE7, is one of six members of the official T.I.S.P. Board - the body that directly shapes the certification. The Board consists of: Birgitte Baardseth (isits, Chair), Sinisa Dukanovic (Fraunhofer SIT), Hans-Peter Möschle (M&H), Dr. Holger Mühlbauer (TeleTrusT), Oliver Oettinger (secorvo), and Chris Wojzechowski (AWARE7).

The Board is responsible for:

  • Developing and updating the T.I.S.P. certification - curricula are continuously updated based on current threat landscapes and regulatory developments
  • Setting exam requirements and standards - the Board defines what is tested in the 180 exam questions
  • Approving and evaluating training providers - only Board-approved providers may deliver T.I.S.P. preparatory courses
  • Monitoring certification developments - international standards, new regulation, market trends

What this means for you as a participant: No other T.I.S.P. provider can offer comparable proximity to the certification body. You learn from someone who literally co-determines what is examined - and why certain topics carry the most exam weight.

T.I.S.P. Community Meeting 2026 - Chris Wojzechowski as moderator

10-11 November 2026, NH Collection Berlin-Mitte. Chris Wojzechowski co-moderates the Community Meeting with Nadine Voigt. Silas Borgmeier (AWARE7) delivers a talk: "Breaking Free from Dependence on US Cloud Services". Attendance counts as a mandatory requirement for recertification and as 8 hours towards your continuing education quota. As an AWARE7 graduate, you receive early access to registration and scheduling details.

NIS-2: Demonstrable qualification becomes mandatory

§38 BSIG (Germany's NIS-2 implementation act) obliges management of affected organisations to take personal responsibility for cybersecurity measures. With approximately 29,500 newly affected companies in Germany, demand for demonstrably qualified ISOs has grown substantially. T.I.S.P. - with explicit modules on GDPR, NIS-2, and BSI IT-Grundschutz - is the credible qualification recognised by regulators and insurers alike.

T.I.S.P. compared: the leading IT security certifications

Which certificate suits your situation? This overview helps you decide - especially if you operate in the DACH region.

Criterion T.I.S.P. CISSP CISM CompTIA Security+
Focus Europe / DACH International / USA Management Entry-level
Modules / Domains 20 modules 8 domains 4 domains 6 domains
Exam 180 MC, 4 h, German 100-150 CAT, 4 h, English 150 MC, 4 h, English 90 MC, 1.5 h, English/German
Experience required 3 years 5 years (or 4 yr. + degree) 5 years (3 yr. management) None (2 yr. recommended)
Total cost (course + exam) approx. €3,560 approx. €3,500-5,000 approx. €2,500-4,000 approx. €1,500-2,500
Validity 3 years + recertification 3 years + CPE 3 years + CPE 3 years + CE
Exam language German English English English / German
Relevance for DACH ★★★★★ ★★★☆☆ ★★★★☆ ★★☆☆☆
EU regulation (GDPR, NIS-2) ✓ Integrated ✗ US-focused Partially ✗ Not included
BSI IT-Grundschutz ✓ Integrated

Curriculum - 5-Day Programme

Mo 1

Foundations, Cryptography & PKI

4 modules · 8 teaching units

Morning · 09-12:30

Foundations & Cryptography

  • Security objectives (CIA triad), threats & risks
  • Symmetric encryption (AES, 3DES)
  • Asymmetric encryption (RSA, ECC)
  • Hash functions, digital signatures, post-quantum
Afternoon · 13:30-17

Public Key Infrastructure

  • PKI architecture: CA, RA, trust chains
  • X.509 certificates, CRL, OCSP
  • Key management and key lifecycle
  • Practice: TLS/SSL, S/MIME, code signing
Tu 2

Network & Application Security

4 modules · 8 teaching units

Morning · 09-12:30

Network Security

  • TCP/IP security and network protocols
  • Firewall architectures and IDS/IPS
  • VPN: IPsec, SSL-VPN, WireGuard
  • WLAN security (WPA3) & Zero Trust (ZTNA)
Afternoon · 13:30-17

Application Security

  • Attacker methods & OWASP Top 10
  • SQL injection, XSS, CSRF in depth
  • Secure Software Development Lifecycle
  • API security & microservices
We 3

Systems, Operations & Cloud Security

4 modules · 8 teaching units

Morning · 09-12:30

Malware & Operating Systems

  • Malware, ransomware, APTs - taxonomy
  • Content security & email security
  • Windows hardening & Linux security
  • Patch & vulnerability management, EDR
Afternoon · 13:30-17

Virtualisation & Cloud Security

  • Hypervisor, Docker, Kubernetes
  • IaaS, PaaS, SaaS - shared responsibility
  • BSI C5 catalogue & cloud compliance
  • MDM & BYOD strategies
Th 4

Security Management & Compliance

4 modules · 8 teaching units

Morning · 09-12:30

Authentication & Standards

  • Authentication, authorisation, IAM
  • MFA & passwordless methods (FIDO2)
  • ISO 27001/27002, BSI IT-Grundschutz
  • ISMS setup: policy, risk assessment
Afternoon · 13:30-17

BCM, Awareness & Auditing

  • BCM per ISO 22301 & incident response
  • SOC - setup and operations
  • Security awareness & social engineering
  • Security audits & penetration testing
Fr 5

Law, Physical Security & Exam Preparation

4 modules · 8 units · incl. intensive exam preparation

Morning · 09-12:30

Law & Physical Security

  • GDPR: TOMs, NIS-2, IT-SiG 2.0
  • Sector regulation: KRITIS, DORA, BAIT
  • Liability & compliance for management
  • Physical security & data centre protection
Afternoon · 13:30-17

Exam Preparation

  • ROI, TCO & risk management
  • Current threat landscape and trends
  • Intensive exam preparation with practice questions
  • Exam strategy, time management & Q&A

DEKRA exam · Friday of the following week

180 MC questions · 4 hours · 70% pass threshold · conducted entirely in German

Alternative: flexible exam date at DEKRA

Who is this course for?

The T.I.S.P. certificate course is aimed at experienced professionals working in information security, IT security, and security management who wish to validate their expertise through a European-recognised certification:

  • Information Security Officers (ISOs) and CISOs - demonstrating professional competence to management and auditors
  • Information security consultants - differentiation in a competitive market
  • IT administrators with security responsibilities - career step into security
  • Data protection officers with an IT security focus - bridging the gap between DPO and ISO roles
  • IT auditors and compliance managers - professional foundation for audit activities
  • IT managers - demonstrating competent handling of security responsibilities
  • Graduates with initial professional experience - career entry into IT security

Prerequisites

  • At least 3 years of professional experience in IT security or information security
  • Documentation of relevant references and qualifications (employment references, project descriptions)
  • Theoretical background in computer science, IT security, or a comparable field
  • Admission requirements are reviewed by DEKRA - we support you with the application process

Certification details

Exam procedure

The T.I.S.P. exam is administered by DEKRA as the independent certification body. DEKRA also reviews admission requirements and issues the certificate.

  • Format: 180 multiple-choice questions across all 20 modules
  • Duration: 4 hours (240 minutes; approx. 60 seconds per question on average)
  • Pass threshold: 70% correct answers (126 out of 180)
  • Exam fee: €360 net (not included in the course fee)
  • Retake: Once possible for €250 net without repeating the course
  • Language: Conducted entirely in German - questions, answers, all exam materials

Exam date at AWARE7

At AWARE7, the exam always takes place on the Friday one week after the final training day. Example: training ends on 12 Jun → exam on 19 Jun. You are not obliged to take this date - you may alternatively arrange a flexible exam date directly with DEKRA. This gives you more preparation time if needed.

Recertification - the complete guide

The T.I.S.P. certificate is valid for 3 years. Recertification extends it by a further 3 years - calculated from the original expiry date, not the application date. No repeat course or exam is required.

Important: observe the deadline

The recertification application must be submitted by the end of the 4th year after the last certification. After this point, renewal is no longer possible - the certificate expires permanently. Plan your recertification well in advance.

Three forms of evidence are required for recertification:

1. Activity record
Description of your professional activities, including the percentage of total working time spent on IT security.

2. Community Meeting
At least one visit to the T.I.S.P. Community Meeting within the last 3 years is mandatory. The next meeting takes place on 10-11 November 2026 in Berlin - moderated by Chris Wojzechowski (AWARE7). As an AWARE7 graduate, you receive advance registration details.

3. Continuing education record (average 20 hours per year)
Recognised continuing education includes:

  • Seminars, workshops, conferences - 8 hours per event day
  • Additional T.I.S.P. Community Meetings - 8 hours each
  • Professional publications (articles, books) - up to max. 20 hours
  • Development of training concepts - up to max. 20 hours
  • Project documentation with at least 50% personal contribution - up to max. 20 hours

Recognised external training providers include: OMNISECURE, ExperTeach, Fraunhofer SIT/Lernlabor, CAST e.V., isits, secorvo, M&H, and AWARE7's own events.

Important change since June 2024: DEKRA vs. PersCert/TÜV

Since mid-June 2024, PersCert/TÜV Rheinland accepts only isits AG graduates for T.I.S.P. exams and recertification. All other training providers - including AWARE7, secorvo, and M&H - submit both initial and recertification applications exclusively to DEKRA. This change regularly causes confusion among candidates. We are happy to assist you with the correct application process.

Career paths with the T.I.S.P. certificate

The T.I.S.P. certificate opens doors to a variety of career directions:

  • Information Security Officer (ISO): T.I.S.P. as a recognised qualification - ideal in combination with ISO 27001 Lead Auditor
  • Security Consultant: Solid foundation for advisory work - complemented by OSCP or OSCE for technical specialisation
  • CISO / Head of IT Security: Demonstrating strategic and technical competence at leadership level
  • IT Auditor: T.I.S.P. + ISO 27001 Lead Auditor = the ideal combination for audit work
  • Data Protection & Security: T.I.S.P. complements CIPP/E or CDPSE at the intersection of DPO and ISO roles

Salary with T.I.S.P. - market overview

T.I.S.P. certificate holders achieve above-average compensation in the German market. The following overview is based on current salary surveys for IT security roles in the DACH region:

Career level Gross annual salary (avg.)
ISO / Security Analyst (<3 years) €50,000 - €60,000
Security Consultant (3-7 years) €60,000 - €80,000
Senior Consultant / Lead Auditor €75,000 - €95,000
CISO / Head of IT Security €90,000 - €130,000

After the course

  • Access to the exclusive T.I.S.P. community with over 2,300 certified experts
  • Listing in the TeleTrusT certificate register as proof of quality
  • Use of the T.I.S.P. logo on business cards, LinkedIn, and email signatures
  • Post-course materials and exam simulations from AWARE7
  • Invitations to Community Meetings and AWARE7 events for recertification credits
The T.I.S.P. certificate targets experienced information security professionals working in IT security or security management. Typical participants include ISOs (Information Security Officers), CISOs, security consultants, IT auditors, and IT managers. A minimum of three years of professional experience with relevant references is required.
Requirements include: at least three years of professional experience in IT security with supporting references, documentation of relevant academic or professional qualifications, and completion of the one-week T.I.S.P. preparatory course. DEKRA reviews the admission prerequisites - we assist you with the application process.
The T.I.S.P. exam is administered by DEKRA as an independent certification body. It consists of 180 multiple-choice questions in 4 hours. A minimum score of 70% (126 out of 180) is required to pass. At AWARE7, the exam is scheduled on the Friday of the week following the last training day - for example, if training ends on 12 Jun, the exam is on 19 Jun. This exam date is optional - you may also schedule a flexible exam date directly with DEKRA.
The exam fee is €360 net (€428.40 including VAT) and is not included in the course fee. If you do not pass, a retake is available for €250 net - without repeating the course.
The T.I.S.P. certificate is valid for three years. It can then be renewed for a further three years by demonstrating continuing professional development and ongoing work in IT security. Renewal must be applied for by the end of the fourth year after the last certification - after this deadline, renewal is no longer possible. No repeat of the course or exam is required for recertification.
T.I.S.P. covers essentially the same knowledge areas as CISSP (20 modules vs. 8 domains), but is specifically tailored to the European regulatory environment. T.I.S.P. explicitly includes GDPR, NIS-2, BSI IT-Grundschutz, and EU-specific legislation, while CISSP is focused on US standards. For professionals operating in the DACH region, T.I.S.P. is the more relevant and practical choice. Additionally, the T.I.S.P. exam is conducted entirely in German.
Yes, the combination is highly recommended. T.I.S.P. provides the European regulatory perspective, CISSP the international recognition. Many of our graduates pursue both certifications. The content overlaps by approximately 70%, meaning the learning effort for the second certification is significantly reduced.
Our courses run exclusively on a GDPR-compliant platform hosted on German servers - no Zoom, Teams, or other US-based providers. You only need a current browser and a stable internet connection. Live interaction with instructors and fellow participants happens in real time via video, audio, and chat. All course materials are provided digitally.
The pass rate among our participants is well above the industry average. This is due to the intensive exam preparation on the final day, the practice questions provided, and the expertise of our instructors, who know precisely which topics carry the most exam weight.
Total costs: Course (5 days) at AWARE7: €3,200 net; DEKRA exam fee: €360 net - combined €3,560 net (€4,236.40 gross). Recertification after 3 years does not require a repeat course; the DEKRA recertification fee is currently approximately €150-200. Exam retake: €250 net without repeating the course. Group discounts for company bookings of 3 or more participants on request.
Recertification must be applied for at DEKRA by the end of the fourth year after the last certification - after this deadline, renewal is no longer possible. The certificate is extended by 3 years from the original expiry date. No repeat course or exam is required. You must demonstrate: (1) A description of your professional activities, including the percentage of time spent on IT security; (2) Attendance at at least one T.I.S.P. Community Meeting in the last 3 years; (3) Continuing professional development averaging 20 hours per year from recognised activities (seminars/workshops/conferences count as 8 hours per event day, additional Community Meetings as 8 hours, publications up to 20 hours, developing training concepts up to 20 hours, project documentation with at least 50% personal contribution up to 20 hours). Since June 2024: All providers except isits AG submit via DEKRA (no longer via PersCert/TÜV Rheinland).
There are four TeleTrusT-approved training providers: (1) AWARE7 - online, DEKRA exam, Board member Chris Wojzechowski as instructor, max. 15 participants, €3,200 + €360 exam. (2) isits AG - Bochum and online, TÜV Rheinland (PersCert), very high ratings (4.9/5 with over 250 reviews). (3) secorvo - Karlsruhe, DEKRA, authors of the official T.I.S.P. textbook, €3,140 early-bird + €360 exam. (4) M&H Training - Berlin and online, DEKRA, 10% early-bird discount. Important: Since mid-June 2024, PersCert/TÜV Rheinland only accepts isits graduates - all other providers use DEKRA.
Yes. §38 BSIG (Germany's NIS-2 implementation act) obligates management of affected organisations to mandate and monitor cybersecurity measures, with personal liability for failures. T.I.S.P. is the established recognised qualification for IT security professionals in Germany and explicitly covers GDPR, NIS-2, BSI IT-Grundschutz, and ISO 27001 as exam modules. With approximately 29,500 newly affected companies under NIS-2, demand for demonstrably qualified ISOs has grown substantially. T.I.S.P.-certified ISOs can document their qualifications reliably to regulators and insurers.
The T.I.S.P. Community Meeting is the annual professional event for all T.I.S.P. certificate holders, organised by the TeleTrusT association. The next meeting takes place on 10-11 November 2026 at the NH Collection Berlin-Mitte. Attendance counts as a mandatory requirement for recertification (one meeting per 3-year cycle) and as 8 hours towards the continuing education quota. Chris Wojzechowski (AWARE7 CEO and T.I.S.P. Board member) co-moderates the event with Nadine Voigt. Silas Borgmeier (AWARE7) presents a talk: 'Breaking Free from Dependence on US Cloud Services'. As an AWARE7 course participant, you will receive advance information about current Community Meeting dates.

Your Instructors

Experienced experts from research and practice guide you through the certificate course.

Jan Hörnemann
Jan Hörnemann

Chief Operating Officer · Prokurist

E-Mail
PGP A3FD64BB96C888E2

M.Sc. Internet-Sicherheit (if(is), Westfälische Hochschule). COO und Prokurist mit Expertise in Informationssicherheitsberatung und Security Awareness. Nachwuchsprofessor für Cyber Security an der FOM Hochschule, CISO-Referent bei der isits AG und Promovend am Graduierteninstitut NRW.

ISO 27001 Lead Auditor (PECB/TÜV) T.I.S.P. (TeleTrusT) ITIL 4 (PeopleCert) BSI IT-Grundschutz-Praktiker (DGI) Ext. ISB (TÜV) BSI CyberRisikoCheck CEH (EC-Council)
Vollständiges Profil ansehen
Oskar Braun
Oskar Braun

Abteilungsleiter Information Security Consulting

E-Mail
PGP 16154FF042E7431B

Dipl.-Math. (WWU Münster) und Promovend am Promotionskolleg NRW (Hochschule Rhein-Waal) mit Forschungsschwerpunkt Phishing-Awareness, Behavioral Security und Nudging in der IT-Sicherheit. Verantwortet den Aufbau und die Pflege von ISMS, leitet interne Audits nach ISO/IEC 27001:2022 und berät als externer ISB in KRITIS-Branchen. Lehrbeauftragter für Communication Security an der Hochschule Rhein-Waal und NIS2-Schulungsleiter bei der isits AG.

ISO 27001 Lead Auditor (IRCA) ISB (TÜV)
Vollständiges Profil ansehen

Course Details

Duration
5 days / 40 h
Format
Online (live)
Max. participants
15
Course fee
€3,200 net
Exam fee (DEKRA)
€360 net
Certificate
T.I.S.P. (DEKRA)
Exam language
German
Reserve Your Place

Upcoming Dates

  • 04-08 May 2026 Online
  • 12-16 Oct 2026 Online
  • 14-18 Dec 2026 Online

All dates online · Contact us for in-house training

What sets us apart

  • T.I.S.P. Board member as instructor - direct insider knowledge
  • Above-average pass rate through intensive exam preparation
  • Max. 15 participants for focused, interactive learning
  • GDPR-compliant platform on German servers
  • Community Meeting access & recertification support
"Thanks to the preparatory training, I had the opportunity to refresh my existing knowledge and pass the exam."

Michael Leinich, IT Security Consultant, Konica Minolta

Aus dem Blog

Weiterführende Artikel