Information Security Qualifications
Formal qualifications are essential for the career development of any information security professional. The most widely recognised include qualifications from IBITGQ, ISACA, (ISC)² and BCS.
Details of examining bodies are provided below, together with links to our relevant training courses, official study guides and books.
IBITGQ – International Board of IT Governance Qualifications
IBITGQ awards internationally recognised certificates to candidates who have successfully completed and passed an IBITGQ approved examination.
IBITGQ qualifications currently include:
For further information, please see the IBITGQ
ISACA – Information Systems Audit and Control Association
ISACA was founded in the USA and is an international association of professionals involved in information systems audit, control, quality assurance and security.
The four key ISACA qualifications are:
For further information, please see the ISACA website.
(ISC)² – International Information Systems Security Certification Consortium
((ISC)² is a not-for-profit organisation that developed the information security common body of knowledge (CBK) and a certification programme for information systems security professionals.
The six key (ISC)² qualifications are:
ISSAP - Information Systems Security Architecture Professional
ISSEP - Information Systems Security Engineering Professional (ISSEP Exam Guide)
ISSMP- Information Systems Security Management Professional
CISSP – Certified Information Systems Security Professional
The CISSP certification provides information security professionals with an objective measure of competence and a globally recognised standard of achievement. The CISSP credential suits mid and senior-level managers who are working toward or have already attained positions as CISOs, CSOs or Senior Security Engineers.
For experienced information security professionals with an existing (ISC)² qualification in good standing, (ISC)² Concentrations demonstrate in-depth knowledge of a subject area.
ISSAP Concentration in Architecture
ISSEP Concentration in Engineering
ISSMP Concentration in Management
CAP – Certification and Accreditation Professional
The CAP credential is specifically designed for security professionals involved in certification and accreditation. This qualification supports individuals who formalise processes used to assess risk and establish security requirements, as well as ensuring information systems have appropriate security controls in place to reduce the exposure to potential risk.
SSCP – Systems Security Certified Practitioner
The SSCP certification is for information security technicians who have implementation experience. The SSCP credential is ideal for those working toward or who have already attained positions as Senior Network Security Engineers, Senior Security Systems Analysts or Senior Security Administrators.
For further information, please see the (ISC)² website.
BCS – British Computer Society
The British Computer Society (BCS) is the UK's Chartered Institute for IT. Through the BCS Professional Certifications portfolio (formally known as ISEB), the BCS provides industry-recognised qualifications that measure competence, ability and performance in information security and related topics.
The key BCS Professional Certification qualifications include:
CISMP – Certificate in Information Security Management Principles
The CISMP qualification, which is based on ISO27001, provides a base level of knowledge for individuals who are thinking of moving into a security or a security-related function. It also offers those for already working in a role with security responsibility an opportunity to enhance or refresh their knowledge. IT Governance offers a dedicated CISMP training course Certificate in Information Security Management Principles and the supporting course textbook Information Security Management Principles: An ISEB Certificate
For further information, please see the BCS website.
Further information on information security qualifications
>> Download our free Green Paper 'Information Security Qualifications - Fact Sheet'
>> Find out more about our information security training courses