Neha Patil (Editor)


Updated on
Share on FacebookTweet on TwitterShare on LinkedInShare on Reddit

Area served


120,407 (2017)

Cybersecurity, Information Security, Software Security, Infrastructure Security

Professional Certifications

Security Transcends Technology

CompTIA, Linux Professional Institute, OWASP, Project Management Institute, ASIS International


isc security congress 2015 day 1 highlights

The International Information System Security Certification Consortium, or (ISC)², is a non-profit organization which specializes in information security education and certifications. It has been described as the "world's largest IT security organization". The most widely known certification offered by (ISC)² is the Certified Information Systems Security Professional (CISSP) certification.



In the mid-1980s a need arose for a standardized and vendor-neutral certification program that provided structure and demonstrated competence. In November 1988, the Special Interest Group for Computer Security (SIG-CS), a member of the Data Processing Management Association (DPMA), brought together several organizations interested in this. The (ISC)² was formed in mid-1989 as a non-profit organization with this goal.

By 1990, the first working committee to establish something called the Common Body of Knowledge (CBK) had been formed. The work done by that committee resulted in the first version of CBK being finalized by 1992, with the CISSP credential launched by 1994, followed by the SSCP credential in 2001, the CAP credential in 2005, and the CSSLP credential in 2008.

Since 2011, (ISC)² organizes the annual (ISC)² Security Congress, which is co-located with the ASIS International Annual Seminar and Exhibits, with more than 20000 professionals attending.

In March 2012, (ISC)² announced a strategic alliance with the not-for-profit organisation IT Acquisition Advisory Council

Professional Certifications

(ISC)² maintains what it calls a Common Body of Knowledge for information security for the following certifications:

  • Certified Information Systems Security Professional (CISSP), including:
  • Information Systems Security Architecture Professional (CISSP-ISSAP)
  • Information Systems Security Engineering Professional (CISSP-ISSEP)
  • Information Systems Security Management Professional (CISSP-ISSMP)
  • Certified Secure Software Lifecycle Professional (CSSLP)
  • Certified Authorization Professional (CAP)
  • Certified Cloud Security Professional (CCSP)
  • Systems Security Certified Practitioner (SSCP)
  • Certified Cyber Forensics Professional (CCFP)
  • It is certified by ANSI that (ISC)² meets the requirements of ANSI/ISO/IEC Standard 17024, a personnel certification accreditation program. That accreditation covers the CISSP, SSCP, ISSEP, ISSAP, ISSMP, CAP, and CSSLP certifications.

    Continuous Professional Education

    All (ISC)² certified professionals are required to earn Continuous Professional Education CPE) credits on an annual basis in order to maintain their certifications. CPE credits can be obtained by attending industry events or conferences, writing articles/book reviews/books, etc.

    Code of Ethics

    All certified (ISC)² professionals are required to support the (ISC)² code of ethics. Violations of the code of ethics are each investigated by a peer review panel, within the potential of revoking the certification. (ISC)² (along with other security certification organizations) has been criticized for lack of education in the area of ethics.


    (ISC)² Wikipedia