Certified for security

Although no single Good Housekeeping Seal of approval exists for judging managed-security service providers, agencies should determine what percentage of an MSSP’s employees carry these important security certifications.


  • ISO/IEC 27001 — an international standard for implementing, operating and monitoring security management systems. The rules provide a baseline for showing that an organization has adequate security in place to protect information.



  • SAS 70 Type II accreditation — conforms to American Institute of Certified Public Accountants rules for an independent auditor’s evaluation of information technology infrastructures and processes.



  • Certified Information Systems Security Professional accreditations — designates that IT workers have a minimum of five years of relevant professional experience and have successfully passed International Information Systems Security Certification Consortium exams.



  • Global Information Assurance Certification — acknowledges IT professionals for expertise in computer, information and software security.



  • Certifications from specific hardware and software vendors, such as Microsoft and Cisco Systems, important in the agency’s technology infrastructure.

About the Author

Alan Joch is a freelance writer based in New Hampshire.

The 2014 Federal 100

Get to know the 100 women and men honored this year for going above and beyond in federal IT.

Reader comments

Please post your comments here. Comments are moderated, so they may not appear immediately after submitting. We will not post comments that we consider abusive or off-topic.

Please type the letters/numbers you see above