Credentials of Information Security Professionals: A summary of the various types of certifications
The purpose of this document is to provide a summary of the various types of certifications available to information security professionals. A credential is best defined as a proof of qualification, competence, or clearance that is attached to a person, and often considered an attribute of that person. It is necessary for information security professionals to be properly trained and have the needed credentials to meet the existing and emerging challenges of the information age. Throughout this document we will discuss and summarize the following credentials.
* Certified Information Systems Security Professional (CISSP)
* Systems Security Certified Practitioner (SSCP)
* Certified Information Systems Auditor (CISA)
* Certified Information Security Manager (CISM)
* Global Information Assurance Certification (GIAC)
* Security Certified Professional (SCP)
* TruSecure ICSA Certified Security Associate (TICSA)
* Certified Information Forensics Investigator
Certified Information Systems Security Professional (CISSP): CISSP certification is considered one of the premiere Information Security certifications.
It is governed by the International Information Systems Security Certifications Consortium (ISC)2 and is universally recognized as key component in the selection process for management-level information security positions. The CISSP certification helps companies identify individuals who have the technical ability, knowledge, and experience to implement solid security practices, perform risk analysis, identify necessary countermeasures, and help an organization as a whole protect its facility, network, systems, and information. Excerpts from ISC2 claimed that "The CISSP certification covers in detail information the ten different domains which comprise the (ISC)2. The ten different areas are Access Control, Application Security, Business Continuity and Disaster Recovery Planning, Cryptography, Information Security and Risk Management, Legal, Regulations, Compliance and Investigations, Operations Security, Physical (Environmental) Security, Security Architecture and Design, Telecommunications and Network Security (ISC2)."
Systems Security Certified Practitioner (SSCP): SSCP...