CERTIFICATIONS
The journey towards formal certification makes it worthwhile.
With each certification, I discover new blind spots and learn
a great deal in the process.
Certified Information Systems Security Professional (CISSP)
The CISSP credential is ideal for mid- and senior-level managers
who are working toward or have already attained positions
as CSOs, CISOs or Senior Security Engineers. It provides information
security professionals with not only an objective measure
of competence but a globally recognized standard of achievement.
Certified in Risk and Information Systems Control (CRISC)
The CRISC designation certifies professionals who have knowledge and
experience in identifying and evaluating risk and in designing,
implementing, monitoring and maintaining risk-based, efficient and
effective IS controls.
Certified Information Systems Auditor (CISA)
Since 1978, the Certified Information Systems Auditor (CISA)
program has measured excellence in the area of IS auditing,
control and security. CISA has grown to be globally recognized
and adopted worldwide as a symbol of achievement. The CISA
certification has been earned by more than 50,000 professionals
since inception.
Certified Information Security Manager (CISM)
The CISM certification is specifically geared toward experienced
information security professionals. CISM is business-oriented
and focused on information risk management while addressing
management, design and technical security issues at the conceptual
level. It is for the individual who must maintain a view of
the "big picture" by managing, designing, overseeing
and assessing an enterprise's information security.
Certified Information Privacy Professional (CIPP)
The CIPP stresses the definitions, concepts and applications
of U.S. and international privacy laws and information management
practices as well as the privacy implications of emerging
technologies. This includes HIPAA, COPPA, GLBA, APEC principles,
OECD guidelines, EU Directive, employee records management,
workplace monitoring, contingency planning, incident handling,
PII, Web forms, cookie files, spyware, spam and other key
items.
ITIL Foundation in IT Service Management v3 (ITILv3)
ITIL Foundation is suitable for individuals who require a basic
understanding of the ITIL framework and how it may be used to
enhance the quality of IT service management within an organization.
The ITIL Foundation Certification also applies to IT professionals
who work within an organization that has adopted ITIL and so need
to be aware of and contribute to the overall service improvement
programme.
NSA INFOSEC Assessment Methodology (IAM)
The IAM consists of a standard set of activities required
to perform an on-site information security assessment. While
not technically a certification, the IAM "sets the bar" for
completing a comprehensive INFOSEC Assessment as defined by
the IATRP. To qualify for an IAM certificate, students must:
attend the two-day class; demonstrate an understanding of
the IAM through group exercises and class discussions; obtain
a passing grade on the IAM test and meet the experience requirements
(five years of information security and two years of analyzing
security risks and vulnerabilities).
Design for Six Sigma Green Belt (DFSS/GB)
A Six Sigma Green Belt operates in support of or under the
supervision of a Six Sigma Black Belt, analyzes and solves quality
problems and is involved in quality improvement projects. A Green
Belt is someone with at least three years of work experience who
wants to demonstrate his or her knowledge of Six Sigma tools and
processes.