Re: Certifications for Security Professionals

["Sadler, Connie" <Connie_Sadler () BROWN EDU>]

I may be a bit biased, but I believe that the CISSP is the most
recognized certification internationally for people who are developing
or managing security programs. These other certifications are excellent,
but are more specialized - either technical in nature or in support of
an auditing type of function. The CISSP is now required for many
government and industry positions, and I think what is attractive about
it is that it covers the ten most important domains for a security
professional to be familiar with - building the foundation for a "Body
of Knowledge" that assures a breadth of familiarity and experience.
Information regarding the CISSP can be found at www.isc2.org. CISSP
Forum members have one of the most active and robust online forums that
I have seen - where help can be requested for everything from new
technologies to policy development to technical challenges. ISC2 also
now has a partnership with SANS that lends it even more credibility. I
am thinking about obtaining another certification, just to keep myself
up-to-date, but in my experience, the CISSP is a good place to start.

Connie J. Sadler, CM, CISSP
Director, IT Security, Brown University
Box 1885, Providence, RI 02912
Connie_Sadler () Brown edu
Office: 401-863-7266; Mobile: 401-338-6851
 

-----Original Message-----
From: Rodney Petersen [mailto:rpetersen () educause edu] 
Sent: Tuesday, March 18, 2003 8:12 AM
To: SECURITY () LISTSERV EDUCAUSE EDU
Subject: [SECURITY] Certifications for Security Professionals

A frequent question that I hear asked by IT management and aspiring
security professionals is what types of security certifications are
available and desirable for a college or university information security
officer.  I am most familiar with the following:

Certified Information Systems Auditor (CISA) -
http://www.isaca.org/cisa.htm

Certified Information Security Manager (CISM) -
http://www.isaca.org/cism.htm

Certified Information Systems Security Professional (CISSP)

Global Information Assurance Certification (GIAC) - www.sans.org

Security + - www.comptia.org

The Security Task Force requests your assistance in identifying
appropriate security certifications and their relative merits for higher
education IT environments.

Thanks,

Rodney Petersen
Security Task Force Coordinator
EDUCAUSE

**********
Participation and subscription information for this EDUCAUSE Discussion
Group discussion list can be found at
http://www.educause.edu/memdir/cg/.

**********
Participation and subscription information for this EDUCAUSE Discussion Group discussion list can be found at 
http://www.educause.edu/memdir/cg/.