Jump to content

Main menu Navigation ●Main page ●Contents ●Current events ●Random article ●About Wikipedia ●Contact us ●Donate Contribute ●Help ●Learn to edit ●Community portal ●Recent changes ●Upload file

●Create account ●Log in ●Create account ● Log in Pages for logged out editors learn more ●Contributions ●Talk

(Top) 1 History 2 Professional certifications 2.1 Continuous Professional Education 3 Code of Ethics 4 See also 5 References 6 External links

ISC2

●Español ●فارسی ●Français ●Русский ●Українська Edit links ●Article ●Talk ●Read ●Edit ●View history Tools Actions ●Read ●Edit ●View history General ●What links here ●Related changes ●Upload file ●Special pages ●Permanent link ●Page information ●Cite this page ●Get shortened URL ●Download QR code ●Wikidata item Print/export ●Download as PDF ●Printable version Appearance From Wikipedia, the free encyclopedia (Redirected from (ISC)²)

International Information System Security Certification Consortium

Founded	1989
Type	Non-profit
Focus	Cybersecurity, Information Security, Software Security, Infrastructure Security
Location	Alexandria, Virginia
Area served	Worldwide
Services	Professional Certifications
Members	600,000+ (2024)^[1]
CEO	Clar Rosso
Website	https://www.isc2.org

The International Information System Security Certification Consortium, or ISC2, is a non-profit organization which specializes in training and certifications for cybersecurity professionals.^[2]^[3] It has been described as the "world's largest IT security organization".^[4] The most widely known certification offered by ISC2 is the Certified Information Systems Security Professional (CISSP) certification.^[5]^[6]

History[edit]

In the mid-1980s a need arose for a standardized and vendor-neutral certification program that provided structure and demonstrated competence in the field of IT security, and several professional societies recognized that certification programs attesting to the qualifications of information security personnel were desperately needed.

In June 1988, a conference was hosted by the National Institutes of Standards and Technology (NIST) and the Federal Information Systems Security Educators Association (FISSEA) at Idaho State University in Pocatello, Idaho to address the need for standardized curriculum for the burgeoning profession. Organizations in attendance included:

Canadian Information Processing Society (CIPS)
Computer Security Institute (CSI)
Data Processing Management Association Special Interest Group for Certified Professionals (DPMA SIG-CP)
Data Processing Management Association Special Interest Group for Computer Security (DPMA SIG-CS)
Idaho State University (ISU)
Information Systems Security Association (ISSA)
International Federation for Information Processing (IFIP)

During the conference, the question was raised why virtually every group represented, save NIST and ISU, was creating a professional certification. The conference participants agreed to form a consortium that would attempt to bring together the competing agendas of the various organizations. In November 1988, the Special Interest Group for Computer Security (SIG-CS), a member of the Data Processing Management Association (DPMA), brought together several organizations interested in this. The ISC2 was formed in mid-1989 as a non-profit organization with this goal in mind.

By 1990, the first working committee to establish something called the Common Body of Knowledge (CBK) had been formed. The work done by that committee resulted in the first version of CBK being finalized by 1992, with the CISSP credential launched by 1994, followed by the SSCP credential in 2001, the CAP credential in 2005, and the CSSLP credential in 2008, the CCFP and HCISPP in 2013 and the CCSP in 2015.

In 2001, ISC2 established its Europe, Middle East and Africa regional office in London. In 2002, ISC2 opened its Asia-Pacific regional office in Hong Kong. In 2015, ISC2 introduced its North America regional office in Washington, D.C.

Since 2011, ISC2 organizes the annual ISC2 Security Congress conference. The 2019 conference will be the first international iteration of the event and will be held in Orlando, Florida.

In 2022, ISC2 pledged to expand and diversify the cybersecurity workforce by providing free ISC2 Certified in Cybersecurity education and exams to one million people worldwide.^[7]

In August 2023, ISC2 launched their new website and rebrand, changing the abbreviation of their name from (ISC)² to ISC2.^[8]

Professional certifications[edit]

ISC2 maintains what it calls a Common Body of Knowledge for information security for the following certifications:^[9]

Certified Information Systems Security Professional (CISSP), including:

and including:

Certified in Cybersecurity (CC)
Certified Secure Software Lifecycle Professional (CSSLP)
Certified Cloud Security Professional (CCSP)
Systems Security Certified Practitioner (SSCP)
Health Care Information Security and Privacy Practitioner (HCISPP) (credential set to sunset December 1, 2026)^[10]
Certified in Governance, Risk and Compliance Certification (CGRC) (formally Certified Authorization Professional (CAP))

All ISC2 certifications are accredited and meet ANSI/ISO/IEC Standard 17024.^[11] Additionally, all certifications other than the CC meet DoD 8570.1 Baseline Certification standards.^[12] The CGRC is still listed as CAP on the DoD's table.

Continuous Professional Education[edit]

All ISC2 certified professionals are required to earn Continuous Professional Education (CPE) credits on an annual basis in order to maintain their certifications. CPE credits can be obtained by attending industry events or conferences, writing articles/book reviews/books, etc.^[13]

Code of Ethics[edit]

All certified ISC2 professionals are required to support the ISC2 Code of Ethics. Violations of the code of ethics are each investigated by a peer review panel, within the potential of revoking the certification.^[14] ISC2 (along with other security certification organizations) has been criticized for lack of education in the area of ethics.^[15]

References[edit]

^ "ISC2 about page". ISC2. Retrieved 2024-05-16.

^ Ashford, Warwick (2012-09-11). "Skills shortage means no unemployment in IT security, says (ISC)2". ComputerWeekly. Retrieved 2024-05-16.

^ Dunn, John E. (2012-04-18). "New board connects (ISC)2 security professionals to public policy". ComputerWorld UK. Archived from the original on 2015-09-28.

^ Kerner, Sean Michael (2012-09-14). "(ISC)2: Execs Must Buy Into IT Security". eSecurity Planet. Archived from the original on 2017-12-10. Retrieved 2024-05-16.

^ "(ISC)2 releases government program for conference in Philly alongside ASIS". Government Security News. 2012-08-03. Archived from the original on 2013-05-21. Retrieved 2024-05-16.

^ Parizo, Eric (2011-09-22). "(ISC)2 at a crossroads: CISSP value vs. security industry growth". SearchSecurity. Archived from the original on 2021-04-22. Retrieved 2024-05-16.

^ "ISC2 Opens Global Enrollment for One Million Certified in Cybersecurity". ISC2. 2022-08-31.

^ "ISC2 Announces Major Milestone as Community Grows to Half a Million Strong". www.isc2.org. 2023-08-18. Retrieved 2024-05-16.

^ "About (ISC)²". Archived from the original on 2008-12-17. Retrieved 2024-05-16.. (ISC)²

^ "Become an HCISPP – HealthCare Information Security and Privacy Practitioner". ISC2. Retrieved 2024-05-16.

^ "ANSI Accreditation Services - International Information System Security Certification Consortium, Inc". Retrieved 2024-05-16.

^ "DoD Approved 8570 Baseline Certifications". DoD Cyber Exchange. Archived from the original on 2023-03-13. Retrieved 2024-05-16.

^ "ISC2 Certification Maintenance Handbook" (PDF). ISC2. Retrieved 2024-05-16.

^ "ISC2 Code Of Ethics". ISC2. Retrieved 2024-05-16.

^ "Security Certifications' Ethics Programs Merely Window-Dressing". 2008-09-01. Archived from the original on 2013-05-21. Retrieved 2024-05-16.

External links[edit]

The ISC2 website

Retrieved from "https://en.wikipedia.org/w/index.php?title=ISC2&oldid=1224759073" Categories: ●(ISC)² ●Computer security organizations ●Non-profit organizations based in Florida ●Organizations established in 1988 ●Companies based in St. Petersburg, Florida Hidden categories: ●Articles with short description ●Short description is different from Wikidata ●Articles with ISNI identifiers ●Articles with VIAF identifiers ●Articles with LCCN identifiers ●This page was last edited on 20 May 2024, at 08:32 (UTC). ●Text is available under the Creative Commons Attribution-ShareAlike License 4.0; additional terms may apply. By using this site, you agree to the Terms of Use and Privacy Policy. Wikipedia® is a registered trademark of the Wikimedia Foundation, Inc., a non-profit organization. ●Privacy policy ●About Wikipedia ●Disclaimers ●Contact Wikipedia ●Code of Conduct ●Developers ●Statistics ●Cookie statement ●Mobile view