Chartered Institute of Information Security

From Wikipedia, the free encyclopedia
The Chartered Institute of Information Security
Legal statusLimited Company registered in England and Wales
PurposeProfessional Body
HeadquartersEvesham, Worcestershire United Kingdom
Region served
United Kingdom, Worldwide
Alastair MacWillson
WebsiteCIISec website

The Chartered Institute of Information Security (CIISec), formerly the Institute of Information Security Professionals (IISP), is an independent, not-for-profit body governed by its members, with the principal objective of advancing the professionalism of information security practitioners and thereby the professionalism of the industry as a whole.

The primary aim of the institute is to provide a universally accepted focal point for the information security profession.[1]


The Chartered Institute of Information Security has a membership representing over 10,000 individuals globally throughout Industry, Academia and Government.

CIISec has offices in Evesham, Worcestershire and Southwark, London. The institute's HQs are based in Evesham, close to the cyber-hubs of Cheltenham and Malvern.

The institute is run by its members and has an elected board of directors with Dr Alastair MacWillson as the chairman.


One of its main activities is to act as an accreditation authority for the industry. The consortium of CIISec, CREST, and RHUL has been appointed by NCSC as one of the certification bodies for the UK's Certified Cyber Professional (CCP) assured service.[2] The consortium assesses individuals based on the Skills Framework, as part of a certification scheme driven by NCSC, the IA arm of GCHQ.

Full membership of the institute is information security's professional standard and endorses the knowledge, experience and professionalism of an individual in this field. The award of membership levels is competency-based which sets it apart from purely knowledge-based qualifications and is awarded to those professionals who demonstrate breadth and depth of knowledge, and substantial practical experience.[3]

Community hubs[edit]

The CIISec has a number of regional branches which are developed for its members:[4]

Community Hub Locations:
  • Bristol/Bath
  • Channel Islands
  • Cheltenham
  • East Anglia
  • London
  • North East
  • North West
  • Northern Ireland
  • Nottingham/Derby/Leicester
  • Scotland
  • South West
  • Thames Valley
  • Wales
  • West Midlands


Based in London, United Kingdom, the institute was established in 2006 by information security professionals. In 2007, the institute developed the CIISec Skills Framework. This framework describes the range of competencies expected of information security and information assurance professionals in the effective performance of their roles. It was developed through collaboration between both private and public sector organisations and academics and security leaders.

In 2012, as part of the government's investment in cyber security, the CIISec consortium were appointed by NCSC (formally CESG) to provide certification for UK government information assurance (IA) professionals. The CIISec defined a set of information security skills and skill levels and these skill definitions have been supplemented by NCSC to enable certification bodies to make formal assessments, and others to make informal assessments against the IA skill levels.

See also[edit]


  1. ^ "Our Mission". Archived from the original on 2018-07-05. Retrieved 2018-07-05.
  2. ^ "Certified Cyber Professional (CCP) assured service". Retrieved 2022-12-06.
  3. ^ "Full Membership". Archived from the original on 2018-07-05. Retrieved 2018-07-05.
  4. ^ "Community Hub Events". Retrieved 2022-12-06.


External links[edit]