Certified for security

Although no single Good Housekeeping Seal of approval exists for judging managed-security service providers, agencies should determine what percentage of an MSSP’s employees carry these important security certifications.


  • ISO/IEC 27001 — an international standard for implementing, operating and monitoring security management systems. The rules provide a baseline for showing that an organization has adequate security in place to protect information.



  • SAS 70 Type II accreditation — conforms to American Institute of Certified Public Accountants rules for an independent auditor’s evaluation of information technology infrastructures and processes.



  • Certified Information Systems Security Professional accreditations — designates that IT workers have a minimum of five years of relevant professional experience and have successfully passed International Information Systems Security Certification Consortium exams.



  • Global Information Assurance Certification — acknowledges IT professionals for expertise in computer, information and software security.



  • Certifications from specific hardware and software vendors, such as Microsoft and Cisco Systems, important in the agency’s technology infrastructure.

About the Author

Alan Joch is a freelance writer based in New Hampshire.

Featured

  • IT Modernization
    shutterstock image By enzozo; photo ID: 319763930

    OMB provides key guidance for TMF proposals amid surge in submissions

    Deputy Federal CIO Maria Roat details what makes for a winning Technology Modernization Fund proposal as agencies continue to submit major IT projects for potential funding.

  • gears and money (zaozaa19/Shutterstock.com)

    Worries from a Democrat about the Biden administration and federal procurement

    Steve Kelman is concerned that the push for more spending with small disadvantaged businesses will detract from the goal of getting the best deal for agencies and taxpayers.

Stay Connected