- 论坛徽章:
- 0
|
https://www.isc2.org/cgi-bin/content.cgi?page=226\r\n\r\n(ISC)2’s CAREER-ENHANCEMENT AND SUPPORT STRATEGY\r\nFAQ INFORMATION REGARDING ISSEP, ISSMP, ISSAP, (CONCENTRATION EXAMS) AND THE (ISC)2 ASSOCIATE PROGRAM \r\n\r\nGeneral Information Regarding Concentration Examinations \r\nISSEP - Information Systems Security Engineering Professional \r\nISSMP - Information Systems Security Management Professional \r\nISSAP - Information Systems Security Architecture Professional \r\n(ISC)2 ASSOCIATE PROGRAM \r\n\r\nGeneral Information Regarding Concentration Examinations \r\n\r\nRequirement to Sit for a Concentration Exam. All concentration examinations (ISSEP, ISSMP, and ISSAP) are developed and owned by (ISC)² and designed to work in tandem with the CISSP credential. As such, being a CISSP in good standing is a requirement to sit for one or more of the concentration examinations. \r\n\r\n\r\nConcentration Examination Fee. The INTRODUCTORY FEE to sit for a concentration examination is $295.00 USD. \r\n\r\n\r\nNumber of Test Questions. Each concentration examination is comprised of 100 scored items plus 25 pretest items, for a total of 125 items. \r\n\r\n\r\nTime Allowed to Take the Test. Candidates are allowed 3 hours to complete each concentration examination. \r\n\r\n\r\nCertification Parameters. Upon passing a concentration examination, the candidate will be initially certified in that area for a period to expire concurrently with the underlying CISSP credential (regardless of when the test date falls within the CISSP\'s three year certification period). No Continued Professional Education (CPEs) will be required during this initial partial certification period. Each 3-year full certification period thereafter will run concurrently with the underlying CISSP 3-year cycle and expiration date. \r\n\r\n\r\nCPE Requirements. During these subsequent full 3-year certification periods, 20 of the 120 CPEs (already required for the underlying CISSP certificate) must be in the specific area of concentration. For example, if the CISSP took the ISSEP concentration examination and passed, he or she would be required to submit at least 20 of the total 120 hours he is required to submit for the CISSP certificate to be in the specific area of Engineering. \r\n\r\n\r\nFees. An Annual Maintenance Fee (AMF) of $35.00 per year, per concentration certification obtained, is required. This fee will be invoiced annually as an additional line item on the CISSP annual maintenance fee invoice sent at the end of each year during the certification period. Like the CISSP annual maintenance fee, these monies are used to defray the direct administrative costs of maintaining the credential. \r\n\r\n\r\nTraining. It is anticipated that training products will be available by mid-2004 for all concentrations. \r\n\r\n\r\nTest Administration. The concentration examinations will be offered at all published testing events. \r\n\r\n\r\nAvailability. All concentration examinations will be available starting June 1, 2003. \r\n\r\n\r\n\r\nISSEP \r\n\r\nDesignation. ISSEP stands for Information Systems Security Engineering Professional. \r\n\r\n\r\nPurpose for Development. ISSEP was developed under a joint effort between (ISC)2 and the United States National Security Agency, Information Assurance Directorate (NSA/IAD). The motivation and justification for NSA\'s involvement in this project is found in NSD 42 and the Federal Technology Transfer Act of 1986 (15 U.S.C. Section 3710A). \r\n\r\n(ISC)2\'s motivation for involvement is found in its mandate to serve and improve the information security profession, and as such, seeks ways to meet the specific needs of its professionals in the private and public sectors. The development of concentration examinations is a direct response to (ISC)² research indicating that these needs of information security professionals were not being met. The ISSEP provides the means for (ISC)2 to offer CISSPs a mechanism to demonstrate specific competence in the concentrated area of information security engineering. \r\n\r\n\r\nContent Orientation. One key goal in offering the ISSEP concentration certification is to encourage and ensure that professionals possess the specific knowledge required to perform the role of information system security engineer, within the broader scope of information security knowledge identified in the Common Body of Knowledge (CBK) and required for CISSP certification. \r\n\r\n\r\nRole of ISSEP at the NSA. The NSA/IAD has committed itself to promoting this certification to its employees and vendors. While a specific policy statement has not been issued at this time, it is not known if the NSA/IAD will require, or simply prefer, individuals with the ISSEP in connection with certain information security projects. \r\n\r\n\r\nContent Domains. The major domains of the ISSEP examination are: \r\nSystems Security Engineering \r\nCertification and Accreditation \r\nTechnical Management \r\nU.S. Government Information Assurance Regulations \r\n\r\n\r\nISSMP \r\n\r\nDesignation. ISSMP stands for Information Systems Security Management Professional. \r\n\r\n\r\nPurpose for Development. The development of concentration examinations is a direct response to (ISC)2 research indicating that these needs of information security professionals were not being met. This examination is designed to provide CISSPs with a mechanism to demonstrate competence in the more in-depth and concentrated requirements of information security management, within the broader scope of information security knowledge identified in the CBK and required for CISSP certification. \r\n\r\n\r\nContent Domains. The major domains for this examination are: \r\nEnterprise Security Management Practices \r\nEnterprise-Wide System Development Security \r\nOverseeing Compliance of Operations Security \r\nUnderstanding BCP, DRP, and COOP \r\nLaw, Investigations, Forensics and Ethics \r\n\r\n\r\nISSAP \r\n\r\nDesignation. ISSAP stands for Information Systems Security Architecture Professional. \r\n\r\n\r\nPurpose for Development. The development of concentration examinations is a direct response to (ISC)2 research indicating that these needs of information security professionals were not being met. This examination is designed to provide CISSPs with a mechanism to demonstrate competence in the more in-depth and concentrated requirements of information security architecture, within the broader scope of information security knowledge identified in the CBK and required for CISSP certification. \r\n\r\n\r\nContent Domains. The major domains for this examination are: \r\nAccess Control Systems and Methodologies \r\nTelecommunications and Network Security \r\nCryptography \r\nRequirements Analysis & Security Standards, Guidelines, Criteria \r\nTechnology Related BCP and DRP \r\n\r\n\r\n(ISC)2 ASSOCIATE PROGRAM \r\n\r\nBackground. (ISC)2 is committed, by mandate, to serving the needs of the information security community. This community of professionals is comprised of persons working in various capacities and roles, and with persons at various stages of career development within these roles. While (ISC)2 is best known for its CISSP credential, specifically designed to serve information security professionals in managerial roles with at least four (4) years of experience, (ISC)2 in-depth research has identified a broad range of unmet certification needs for people who work in other capacities and professions, and who are at different stages of career development, within the information security community. (ISC)2 has embraced the challenge, per its mandate, to meet these diverse and growing needs that have been identified. Accordingly, in 1999, (ISC)2 launched the SSCP certificate for those professionals working as system administrators, network managers, and other technical roles within organizations. In June 2003, (ISC)2 is launching the ISSEP (launched jointly with the US NSA), ISSAP, and ISSMP certificates for current CISSPs who wished to get certified in the specific areas of system security engineering, architecture, and/or managerial concentrations. \r\n\r\n\r\nPurpose of Development. (ISC)2 has established the (ISC)2 Associate program for those who have chosen a career path in information security and wish to become an SSCP or CISSP in the future, but who have are still obtaining the required years of experience. (ISC)2 motivation for offering the (ISC)2 Associate program is found in its desire to support, throughout their careers, those who chose information security as their vocation, and not to simply offer such support after individuals have become highly experienced. For example, (ISC)2 wishes to offer support through its many service offerings to the new college graduate in information security who would greatly benefit from these services as they work towards meeting the requirements for professional certification. \r\n\r\n\r\nHow to Become An (ISC)2 Associate. A candidate who wishes to sit for the CISSP or the SSCP test may do so. On the application form (whether Web or paper format), the candidate must (1) complete all the information requested including executing the Agreement subscribing to the Code of Ethics, (2) outline his or her experience, (3) indicate when he or she expect to obtain the number of years required for certification (4 years for CISSP and 1 year for SSCP), and (4) submit the required examination fee. The candidate will then be sent admission documents to take the test. He or she may take the test at any testing location published on the isc2.org website. \r\n\r\n\r\nHow an (ISC)2 Associate Becomes Certified as a CISSP or SSCP. Upon taking and passing the test, the candidate will be issued a pass letter documenting that he or she has become an \"(ISC)2 Associate\" and has passed the examination. (ISC)2 will send a reminder notice to the candidate on the date he or she projects or expects the required experience will be obtained, but it is the candidate\'s responsibility to notify (ISC)2 at (88 333-4458 when he or she has actually obtained the necessary experience for certification (4 years for CISSP and 1 year for SSCP). At that time, the (ISC)² Associate will be provided with an Endorsement Form, which is also available as a downloadable document at the isc2.org website. The (ISC)2 Associate must have the Endorsement Form completed by a qualified 3rd party in accordance with the instructions on the form, and submit it to (ISC)2. Upon receipt of the properly executed Endorsement Form, the certificate (CISSP or SSCP) will be issued to the candidate, and he or she becomes certified at that point-in-time. An (ISC)2 Associate is NOT a CISSP or SSCP and may not use this designation, or represent that he or she has this designation, until such time at the required experience is obtained and the certificate is actually issued. \r\n\r\n\r\n(ISC)2 Associate Endurance. The (ISC)2 Associate designation is good for a period of five (5) years from the date of the PASS letter issued. The (ISC)2 Associate has a maximum of five (5) years to obtain the required experience and submit the required Endorsement Form for certification. \r\n\r\n\r\nFees. There is an Annual Maintenance Fee (AMF) of $35.00 required for an individual to maintain his or her (ISC)2 Associate status in good standing. This will be invoiced to the (ISC)2 Associate following each full year of associate status participation. \r\n\r\n\r\nContinued Professional Education. Because an (ISC)2 Associate is not certified, no continued professional education credits are required to maintain associate status in good standing |
|
免费注册
发表于 2003-05-10 21:56
