当前位置: 首页 > 知识体系 > IT Security > 详情

CISSP®

Title / definition
CISSP® – Certified Information Systems Security Professional. CISSP® is a globally recognized certification scheme for IT Security professionals.
 
Type
Certification scheme
 
Owner
The CISSP®  certification scheme is owned by (ISC)²®. The International Information Systems Security Certification Consortium, Inc. (ISC)²® is a not-for-profit provider in educating and certifying information security professionals throughout their careers. (ISC)²®
 
Brief history and description
The CISSP was the first credential in the field of information security to meet the stringent requirements of ISO/IEC Standard 17024.
 
“A CISSP is an information assurance professional who defines the architecture, design, management and/or controls that assure the security of business environments. The vast breadth of knowledge and the experience it takes to pass the exam is what sets the CISSP apart. The credential demonstrates a globally recognized standard of competence provided by the International Information Systems Security Certification Consortium (ISC)² CBK® which covers critical topics in security today, including cloud computing, mobile security, application development security, risk management and more. The (ISC)² CBK is a taxonomy – a collection of topics relevant to information security professionals around the world. The (ISC)² CBK establishes a common framework of information security terms and principles which allows information security professionals worldwide to discuss, debate, and resolve matters pertaining to the profession with a common understanding. ” (source: ISC2.org).
 
To attain the CISSP credential the candidate has to demonstrate professional experience in two or more of the following pre-defined (ISC)² CISSP domains:
 
Access Control
Telecommunications and Network Security
Information Security Governance and Risk Management
Software Development Security
Cryptography
Security Architecture and Design
Operations Security
Business Continuity and Disaster Recovery Planning
Legal, Regulations, Investigations and Compliance
Physical (Environmental) Security
The following benefits are cited for certified professionals and their employers: (source: ISC2.org)
 
Benefits of the CISSP for Professionals
 
Demonstrates a working knowledge of information security
Confirms commitment to profession
Offers a career differentiator, with enhanced credibility and marketability
Affords you exclusive benefits as an (ISC)² member, including valuable resources such as peer networking and idea exchange
Indicates that certified information security professionals earn a worldwide average of 25% more than their non-certified counterparts, according to the Global Information Security Workforce Study
Fulfills government and organization requirements for information security certification mandates
Benefits of the CISSP for Employers
 
Positions candidates on a level playing field as (ISC)² certifications are recognized internationally
Provides increased credibility for your organization when working with vendors and contractors
Empowers employees with a universal language, circumventing ambiguity with industry-accepted terms and practices
Validates commitment and years of experience gained in the industry
Requires Continuing Professional Education (CPE) credits to ensure that personnel keep their skills current
Satisfies certification mandate requirements for service providers or subcontractors
CISSP concentrations
 
The following so-called CISSP concentrations were developed to cater for specific needs of (ISC)² members.
 
Architecture (CISSP-ISSAP®)
Engineering (CISSP-ISSEP®)
Management (CISSP-ISSMP®)
Target Audience
IT Security professionals.
 
User communities and groups
(ISC)²  runs the so-called (ISC)² Chapter Program. (ISC)² states the benefits of this program as follows: “Being a member of an (ISC)² Chapter has its benefits. Not only will you gain a sense of fellowship with colleagues in your profession, you will also be able to network and exchange ideas with fellow (ISC)² credential holders and other information security professionals in your local area.” CISSP certified professionals can both join or start a chapter.
 
Official publisher
The International Information Systems Security Certification Consortium, Inc.(ISC)²®
 
Accreditations and qualifications
(ISC)²® runs several certification programs, of which CISSP® – Certified Information Systems Security Professional –  is featured in this document.
 
Tooling
n/a

(C) Van Haren Publishing 2015
该文章的版权属于国际最佳实践管理联盟和荷兰范哈仑出版社,未经授权,不得转载!版权所有,侵权必究。