Information system security is a unique aspect of business, government, and society today. People who work to protect and secure information systems need a unique set of qualifications, of which technical knowledge is only one component. These individuals, to whom organizations regularly entrust their innermost secrets, must be experienced, trustworthy, and bound to a code of ethics.
CISSP stands for Certified Information Systems Security Professional. CISSP is a trademarked certification for information system security professionals. (ISC)² is the name of the non-profit organization that owns the CISSP trademark and is in charge of the entire CISSP program. (ISC)² stands for International Information Systems Security Certification Consortium (pronounce as "I-S-C-squared"). Becoming a CISSP requires several things of an individual, one of which is passing a rigorous and wide-ranging examination which includes a lot of the theory, as well as the practice, of information system security.
To become a CISSP, a candidate must successfully complete two separate processes: Examination and Certification. The eligibility requirements to sit for the CISSP examination are completely separate from the eligibility requirements necessary to be certified.
The Ten Domains of the CISSP are: 1. Access Control Systems & Methodology; 2. Telecommunications & Network Security; 3. Security Management Practices; 4. Applications & Systems Development Security; 5. Cryptography; 6. Security Architecture & Models; 7. Operations Security; 8. Business Continuity Planning (BCP) & Disaster Recovery Planning (DRP); 9. Law, Investigations & Ethics; 10. Physical Security.
Benefits of Certification to the Professional: Demonstrates a working knowledge of information security; Confirms commitment to profession; Offers a career differentiation, with enhanced credibility and marketability; Provides access to valuable resources, such as peer networking and idea exchange.
Benefits of Certification to the Enterprise: Establishes a standard of best practices; Offers a solutions-orientation, not specialization, based on the broader understanding of the (ISC)² Common Body of Knowledge (CBK); Allows access to a network of global industry and subject matter/domain experts; Makes broad-based security information resources readily available; Adds to credibility with the rigor and regimen of the certification examinations; Provides a business and technology orientation to risk management.
If you want to become a CISSP, visit www.isc2.org
|
