The Skills Framework for the Information Age (SFIA) now recognizes the ISC2 Certified in Cybersecurity (CC) credential and course. ISC2 now has five certification courses and six credentialsmapped to the framework. This article will break down how the CC is mapped to the SFIA framework and what this means for credential holders and those who have taken the CC course.
SFIA Overview
The SFIA is a skill-based global framework that defines the professional skills, behaviors and knowledge needed to work in the digital age. The seven-level framework provides a well-established and trusted skills and competency resource for information and cybersecurity. The seven levels of responsibility are defined in terms of the five responsibility attributes reflecting professional employment. The way the attributes correspond to an individual’s role determines their SFIA level.
How the CC Credential Maps to the SFIA
According to the SFIA, a CC-certified practitioner could reasonably be expected to have demonstrated the knowledge necessary for the following skills at Level 1 (Follow) or Level 2 (Assist).
- Information Security – Level 2
- Information Assurance – Level 2
- Risk Management – Level 2
- Data Management – Level 2
- System Software Administration – Level 2
- Network Support – Level 1
- Service Level Management – Level 2
- Continuity Management – Level 2
- Incident Management – Level 1
- Security Operations – Level 1
- Identity and Access Management – Level 1
Holding the CC credential is evidence that a professional could perform these skills in a security role or function and, outside of core-security roles, understand the importance of these skills across other business functions.
How the CC Course Maps to the SFIA
Upon completion of the CC course – which is available free for ISC2 Candidates – a professional could be expected to have obtained the knowledge necessary for the following skills at Level 1 or 2:
- Information Security – Level 2
- Information Assurance – Level 2
- Risk Management – Level 2
- Data Management – Level 2
- Infrastructure Operations – Level 2
- System Software Administration – Level 2
- Network Support – Level 1
- Configuration Management – Level 2
- Facilities Management – Level 2
- Service Level Management – Level 2
- Continuity Management – Level 2
- Incident Management – Level 1
- Change Control – Level 2
- Security Operations – Level 1
- Identity and Access Management – Level 1
- Vulnerability Assessment – Level 2
- Learning Delivery – Level 2
Conclusion
As a CC holder, your knowledge, skills and abilities are recognized in eleven skill categories in the SFIA framework. And taking the CC course supports professional development in thirteen skill categories.
According to Version 9 of the SFIA Framework, “The CC certification creates a clear pathway to an exciting and rewarding career in cybersecurity. It breaks down traditional barriers to entry, enabling confidence to be built for entry into a first cybersecurity role. CC candidates include IT professionals, career-changers, college students or recent graduates and executives seeking foundational knowledge in cybersecurity.”
The inclusion in the SFIA framework is another global recognition of the CC credential, alongside its mapping to the U.S. DoD 8140 cybersecurity marketplace and the ENISA’s European Cybersecurity Skills Framework (ECSF).