Career Path
Associations
Association Accreditations
College / University Qualifications
Other Qualifications
Jobs
Recruitment Tips
What does a CISO look for
Association List
British Computer Society (BCS) / Information Systems Examination Board (ISEB)
The British Computer Society (BCS) is the only Chartered Engineering Institution for Information Systems Engineering. Through the Information Systems Examinations Board (ISEB), the BCS provides industry-recognised qualifications that measure competence, ability and performance in many areas of information security.
The BCS offers the following information security qualification:- Certificate in Information Security Management Principles (CISMP)
See qualifications and accreditations section for more info.
Information Systems Audit and Control Association (ISACA)
With more than 75,000 members in more than 160 countries, ISACA (www.isaca.org) is a recognized worldwide leader in IT governance, control, security and assurance. Founded in 1969, ISACA sponsors international conferences, publishes the Information Systems Control Journal, and develops international information systems auditing and control standards. ISACA also administers the following qualifications:
- The Certified Information Systems Auditor (CISA) designation, earned by more than 60,000 professionals since 1978
- The Certified Information Security Manager (CISM) designation, earned by more than 9,000 professionals since 2002
- The new Certified in the Governance of Enterprise IT (CGEIT) designation
The Information Systems Audit and Control Association (ISACA) was founded in the United States in 1969 as the EDP Auditors Association. It is an international association of professionals involved in information systems audit, control, quality assurance and security, is well known for the computer audit qualification CISA and has chapters all round the globe.
Information Security Awareness Forum - ISAF
Awareness of Information Security Awareness messages within the UK continues to be problematic at both an individual and a corporate level. This is largely due to the lack of coordination across the industry with multiple organisations and associations having activities in security awareness.
This ultimately means that there is the potential for a duplication of effort resulting in missed opportunities and inconsistent messages to end-users and decision takers, from consumers to directors. The Information Security Awareness Forum aims to correct this by creating a co-ordinated cross-industry / cross-institution approach for delivering security awareness messages to large corporations, SMEs, and individuals.
International Information Systems Security Certification Consortium (ISC)²
(ISC)²® is a global, not-for-profit organisation internationally recognized Gold Standard for certifying information security professionals. (ISC)² main focus is to develop an accepted industry standard for the practice of information security in all of its forms. (ISC)² develops and maintains the (ISC)² CBK, a taxonomy of information security topics. The CBK is a critical body of knowledge that defines global industry standards, serving as a common framework of terms and principles that allow professionals worldwide to discuss, debate and resolve matters pertaining to the field.
(ISC)² was the first information security certifying body to meet the requirements of ANSI/ISO/IEC Standard 17024, a global benchmark for personnel certification. To date, all (ISC)² credentials have been accredited against this standard, making the (ISC)² credentialing program a must have in the international business community.
(ISC)² provides a career path for information security professionals from the beginning of their career until retirement. (ISC)² offers advanced education, rigorous testing, and the following certifications and specialized concentrations:
- Systems Security Certified Practitioner (SSCP®)
- Certification and Accreditation Professional (CAPCM)
- Certified Information Systems Security Professional (CISSP®), and related concentrations:
- Information Systems Security Architecture Professional (CISSP-ISSAP®)
- Information Systems Security Management Professional (CISSP-ISSMP®)
- Information Systems Security Engineering Professional (CISSP-ISSEP®)
Information Security Forum (ISF)
The Information Security Forum (ISF) is the world's leading independent authority on information security. By harnessing our world-renowned expertise and the collective knowledge and experience of our members - including 50% of Fortune 100 companies - the ISF delivers practical guidance and solutions to overcome wide-ranging security challenges impacting business information today.
The ISF is an international not-for-profit organisation driven by its Members. Over 300 leading companies and public sector organisations, fund and cooperate in the development of practical research about information security. With more than US million already invested in providing authoritative best-practice material, along with powerful business-driven methodologies and tools, we offer an excellent return on investment by eliminating much of the cost involved in developing your own solutions independently.
As a Member, you will have access to the most comprehensive and integrated set of publications and tools anywhere in the world about information security, while our globally-recognised Standard of Good Practice for Information Security will help you manage every aspect of your information systems.
With information exchange at the heart of the ISF, our international programme of workgroups, meetings, forums and annual World Congress, provides you with a unparalleled opportunity to share experiences and explore security issues in an environment of trust and confidence. You can also take part in our biannual Security Status Survey that offers a unique real-world benchmarking opportunity to measure information risk and impact.
Information Systems Security Association (ISSA)
With active participation from individuals and chapters all over the world, the information Systems Security Association (ISSA) is the largest international non-for-profit association specifically for information security professionals. It provides educational forums, publications and peer interaction opportunities that enhance the knowledge, skill and professional growth of its members. It is also the “preferred partner” for (ISC)² for CISSP’s and SSCP’s.
Members include practitioners at all levels of the security field in a broad range of industries, such as communications, education, healthcare, manufacturing, financial and government.
The ISSA international board consists of some of the most influential people in the security industry, with representatives from Dell Computer Corporation, EDS, Forrester Research Inc., Symantec and Washington Mutual. With an international communications network developed throughout the industry, the ISSA is focused on maintaining its position as The Global Voice of Information Security.
The primary goal of the ISSA is to promote management practices that will ensure the confidentiality, integrity and availability of information resources. The ISSA facilitates interaction and education to create a more successful environment for global information systems security and for the professionals involved.
Jericho Forum
The Jericho Forum is an international IT security thought-leadership group dedicated to defining ways to deliver effective IT security solutions that will match the increasing business demands for secureIT operations in our open, Internet-driven, globally networked world. Our members include multi-national corporate user organizations, major security vendors, solutions providers, and academics, working together to:
- drive and influence development of new architectures, inter-workable technology solutions, and implementation approaches, for securing our de-perimeterizing world
- support development of open standards that will underpin these technology solutions.
SANS Institute
SANS is a trusted and by far the largest source for information security training and certification in the world. It also develops, maintains, and makes available at no cost, the largest collection of research documents about various aspects of information security, and it operates the Internet's early warning system - Internet Storm Center.
The SANS (SysAdmin, Audit, Network, Security) Institute was established in 1989 as a cooperative research and education organization. Its programs now reach more than 165,000 security professionals around the world. A range of individuals from auditors and network administrators, to chief information security officers are sharing the lessons they learn and are jointly finding solutions to the challenges they face. At the heart of SANS are the many security practitioners in varied global organizations from corporations to universities working together to help the entire information security community.
The SANS Institute provides the following accreditation:- Global Information Assurance Certification (GIAC)
See qualifications and accreditations section for more info.