(ISC)2 Recognizes Information Security Experience
The International Information Systems Security Certification Consortium (ISC)2 announced the launch of a “grandfathering” process for credentialed Certified Information Systems Security Professionals (CISSPs) who wish to apply for advanced ISSAP (Information Systems Security Architecture Professional) and ISSMP (Information Systems Security Management Professional) certifications.
(ISC)2 continues to develop worldwide information security credentials that validate in-depth, specialized knowledge and expertise in selected areas of the consortium’s common body of knowledge (CBK). This means developing two concentrations in management and architecture in response to constituent demand. “We accommodate IT professionals because the field is growing,” said Tony Baratta, CISSP, program director at (ISC)2. “It’s becoming more complex, and the constituents asked us to provide a way for them to prove their value in management or architecture.”
The ISSAP and ISSMP advanced concentrations enable CISSPs to demonstrate subject-matter expertise beyond that required for the CISSP credential and are designed to complement the CISSP for those desiring additional validation of these skills for career paths in management and technology. “The same way in college you would declare a major? It’s sort of the same thing with this,” said Baratta. “It’s allows people to prove their experience and expertise in those two areas of concentration. The advantage is that these folks can now prove to management, co-workers, their fellow security professionals, that they are more knowledgeable because the certifications go into more depth than the CISSP in those particular areas.”
Those in the ISSMP concentration will be able to show their more focused experience, knowledge and expertise in enterprise security management practices, enterprise-wide systems development security, operations security compliance and law, investigation forensics and ethics and disaster recovery. The ISSAP validates knowledge in the access-control systems and methodology, network security and telecommunications, cryptography and requirements analysis and security standards domains of the (ISC)2 CBK.
Candidates for ISSAP and ISSMP grandfathering must be CISSPs in good standing and must demonstrate four total years of professional information security experience and two years of information security experience in either management or architecture. All candidates must complete and submit a two-part application package to demonstrate their advanced certification qualifications. A $450 (U.S.) processing and review fee is also required.
The first part of the grandfathering package is a checklist to ensure that required items are completed on the application form, confirms CISSP status and verifies that required attachments are included. The second part of the package requires candidates to provide detailed explanations of their experience.
Candidates for the ISSAP must highlight relevant background in security technology design, integration and network/application skills, providing additional documentation as necessary. In addition, candidates must write three short essays describing experience in access-control systems, and methodology and telecommunications. The candidate selects the third essay subject from a provided list of other relevant CBK domains.
The ISSAP and ISSMP grandfathering process will be offered from May 1 through Dec. 31, 2004 and is designed to take two weeks from the receipt of the application package to official notification responses to candidates.
For more information, see https://www.isc2.org/cgi-bin/content.cgi?page=390.