From Wikipedia, the free encyclopedia
  (Redirected from ISC2)
Jump to: navigation, search
International Information Systems Security Certification Consortium
(ISC)² logo (vectorized).svg
Founded 1988
Type non-profit
Focus Information Security
Area served
Services Professional Certifications
101,567 (2012)[1]
Slogan Security Transcends Technology[2]
Mission We make society safer by improving productivity, efficiency and resilience of information-dependent economies through information security education and certification[2]
Website www.isc2.org

The International Information Systems Security Certification Consortium ((ISC)²) is a non-profit organization which specializes in information security education and certifications.[3][4] It has been described as "world's largest IT security organization".[5] The most widely known certification offered by (ISC)² is the Certified Information Systems Security Professional (CISSP) certification.[6][7]


In the mid-1980s a need arose for a standardized and vendor-neutral certification program that provided structure and demonstrated competence. In November 1988, the Special Interest Group for Computer Security (SIG-CS), a member of the Data Processing Management Association (DPMA), brought together several organizations interested in this. The (ISC)² was formed in mid-1989 as a non-profit organization with this goal.[8]

By 1990, first working committee to establish Common Body of Knowledge (CBK) has been formed. Work of the working committee has resulted in first version of CBK being finalized by 1992, with CISSP credential launched by 1994, followed by SSCP credential in 2001, CAP credential in 2005, and CSSLP credential in 2008.[9]

Since 2011, (ISC)² organizes annual (ISC)² Security Congress, which is co-located with ASIS International Annual Seminar and Exhibits, with more than 20000 professionals attending.[6][10]

In March 2012, (ISC)² announced a strategic alliance with the not-for-profit organisation IT Acquisition Advisory Council[11]

Professional Certifications[edit]

(ISC)² maintains what it calls a Common Body of Knowledge for information security for the following certifications:[2]

It is certified by ANSI that (ISC)² meets requirements of ANSI/ISO/IEC Standard 17024, a personnel certification accreditation program. As of 2012, accreditation covers CISSP, SSCP, ISSEP, ISSAP, ISSMP, CAP, and CSSLP certifications.[12]

Continuous Professional Education[edit]

All (ISC)² certified professionals are required to earn Continuous Professional Education (CPE) credits on annual basis to keep certification. CPE credits can be obtained by attending industry events or conferences, writing articles/book reviews/books, etc.[13]

Code of Ethics[edit]

All certified (ISC)² professionals are required to support (ISC)² code of ethics. Violations of code of ethics are investigated by peer review panel, with potential of revoking the certification.[14] (ISC)² (along with other security certification organizations) has been criticized for lack of education in the area of ethics [15]

See also[edit]

External links[edit]