Certified Protection Professional (CPP)
I continue my coverage of ASIS certifications here, with the second of three (the last newsletter covered the Physical Security Professional, or PSP credential). This organization was once known as the American Society for Industrial Security, and is now called ASIS International—I examine their certified protection professional or CPP certification in this newsletter.
CPP certification focuses on professionals who can manage security issues, with an emphasis on protecting people, information assets, and property. The CPP is ASIS International’s longest-running cert program, and already includes nearly 10,000 certified individuals. As with other ASIS International programs, individuals must not only pass an exam, but also meet other experience and background requirements as well. The requirements for this exam cover the following topics:
- Security Management: Covers numerous management disciplines with a special emphasis on security components, including financial, personnel, and security implementation management. Also covers countermeasures selection, vulnerability and risk assessments, security policy, loss prevention, and other legal and corporate prevention and enforcement approaches.
- Investigations: this covers various types of investigative resources available to security professionals, plus investigation methods, results and reports from such investigations, and what types of investigations security professionals are likely to conduct.
- Legal Aspects of Security: this includes administrative and regulatory agency requirements, civil liability torts, civil rights and fair employment issues, contract considerations, working with cybercrimes and the criminal justice system, and due process and matters of constitutional immunity.
- Physical Security: covers aspects of managing and controlling access in the real world, including employee and visitor control, alarms and barriers, facility planning, guard patrols and weapons, materials controls, managing facilities and equipment, securing and monitoring boundaries, gates, and lobbies, plus use of protective lighting. Security surveys and parking, traffic control, communications, and security transport also fall under this heading.
- Protection of Sensitive Information: this includes access controls, personnel authentication and identification, and data sensitivity analysis and classification.
- Emergency Management: covers implementation and development of emergency, contingency, disaster, and business continuity planning, along with emergency response and incident handling methods, practices, and procedures.
To be eligible for certification as a CPP, individuals must do more than pass a demanding examination. Additional requirements also include:
- 9years of experience in the security field, with at least 3 years “in responsible charge of a security function” or 7 years experience with a Bachelor’s Degree (or higher) from an accredited instituion
- A clean criminal record that will not “negatively reflect on the security profession, ASIS International, or the Certified Protection Professional Certification Program.”
In short, this is a senior-level information security certification with a decided emphasis on security analysis, design, planning, implementation, and maintenance. Those who wish to work the information systems side of security would do very well indeed to obtain this credential, provided they can meet its fairly demanding requirements. Visit http://www.asisonline.org/certification/cpp/index.xml for more information.