[ISN] Security qualification makes the grade

InfoSec News isn at c4i.org
Thu Jun 24 07:35:14 EDT 2004


http://www.computerworld.com/securitytopics/security/story/0,10801,94042,00.html

By John E. Dunn
JUNE 23, 2004 
TECHWORLD.COM 

LONDON -- IT departments looking to hire new staff will be interested
to learn that one of the world's leading security qualifications, the
CISSP (certified information systems security professional), has
become the first in the industry to meet the new ISO/IEC 17024
standard.

The 17204 benchmark was launched last year by the International
Standards Organization as a way of assessing whether qualifications
across a range of professions could demonstrate minimum standards.

Despite its drab name, it's a good example of the way in which
professional qualifications -- and those affecting IT and security in
particular -- are increasingly coming under international scrutiny.

The CISSP security qualification, awarded by the not-for-profit
industry consortium (ISC)2, is held by 25,000 IT staff globally.

Passing the test requires taking an six-hour exam that marks
candidates on their understanding of broad-based security concepts,
and is only open to professionals with at least four years'
experience.

"Qualifications are important but they're not the be all and end all.  
But if I interview someone with a CISSP, I know they have a baseline
of knowledge," said (ISC)2 president John Colley.

He stressed that it wasn't designed to rival vendor-specific
qualifications such as Cisco Systems Inc.'s CCNP or Microsoft Corp.'s
MCSE, but instead to provide a higher-level equivalent that
demonstrated knowledge of a range of systems.

Such qualifications would become more important as security moved to
the center of the IT department and with staff increasingly hired on
the basis of their proven security knowledge, Colley said.

The CISSP was unlikely to become a necessity to getting a security
job, but he suggested it was establishing itself as necessary for
those members of the IT team tasked with hiring other security staff
in industries such as banking.





More information about the ISN mailing list