(ISC)² Security Transcends Technology



Courtney Jewell
Extension Group
(703) 234-7815


Accreditation Pioneer Continues to Meet Rigorous Certification Requirements for
Global Personnel Standard

Palm Harbor, Fla., USA, Sept. 26, 2005 – The International Information Systems Security Certification Consortium [(ISC)²®], the non-profit international leader in educating and certifying information security professionals worldwide and currently celebrating the Year of the Information Security Professional, today announced that the International Organization for Standardization’s (ISO) United States representative, ANSI (American National Standards Institute), has renewed accreditation of its CISSP® (Certified Information Systems Security Professional) credential under the ISO/IEC 17024 standard in the area of information security.

ISO/IEC 17024 establishes a global benchmark for the certification of personnel, ensuring knowledge and technical competency in different professions. ANSI accredits standards developers, certification bodies and technical advisory groups to both the ISO and the International Electrotechnical Commission (IEC). Motivated by a growing dependence on networking and the threat of global terrorism, many organizations, including the U.S. Department of Defense (DoD), have begun mandating that their key information security personnel obtain an accredited certification. DoD Directive 8570.1M, signed last August and expected to begin taking effect this winter, mandates certification for all full- or part-time military service members, contractors or foreign employees with privileged access to a DoD system, regardless of job series or occupational specialty.

(ISC)²’s CISSP was the first commercial offering to successfully complete the rigorous evaluation and accreditation process required by ANSI for the 17024 standard. (ISC)² has also applied for accreditation of its SSCP® (Systems Security Certified Practitioner) credential and aims to have all its certifications and concentrations ANSI-accredited to ISO/IEC 17024.

"We are proud that the CISSP was accredited by ANSI under the 17024 standard, that it continues to meet the standard’s demands and has since inspired others to seek this important accreditation," said Rolf Moulton, CISSP-ISSMP, president and CEO (interim), (ISC)². "This renewal confirms our commitment to supporting the DoD's efforts to certify those information assurance personnel who are critical to safeguarding the agency’s networks and ensuring that mission-critical information gets to the right people at the right time."

The renewal process for ANSI accreditation under 17024 takes place annually, and companies must adhere to meticulous requirements regarding process, practice and ethics. Among the many areas that ANSI monitors on an ongoing basis are:
• Corporate governance
• Internal audit and management review systems
• Use of subject matter experts
• Personnel files and policies
• Management of confidential and objectivity requirements
• Procedures for monitoring the ethics of certificate holders

"The Annual Surveillance process facilitates the certification body to continually improve its processes and take preventive actions to improve the quality of the organization. (ISC)² can be proud its CISSP has successfully completed the rigorous annual surveillance process and continues to be accredited by ANSI," said Roy Swift, Ph.D., program director, personnel certification accreditation.

The CISSP is awarded by (ISC)² to information security professionals who successfully pass a comprehensive six-hour examination based on the (ISC)² CBK®, a compendium of global information security best practices, possess four years cumulative work experience in the field, subscribe to the (ISC)² Code of Ethics, and are endorsed by an existing CISSP or equivalent professional. Continuing Professional Education credits are required to maintain certification.