Security consortium offers C&A credential

The International Information Systems Security Certification Consortium (ISC)2 has begun certifying government employees for a professional certification and accreditation (C&A) credential that it developed in cooperation with the State Department.

Consortium officials said the new credential is timely because all federal agencies must certify and accredit major information systems and applications under the Federal Information Security Management Act (FISMA). “We felt the time was right for (ISC)2 to develop a credential to support it,” said Rolf Moulton, president and interim chief executive officer of the consortium, a nonprofit group that certifies information security employees.

Security experts devised the C&A process to ensure that information systems are reasonably secure given the risks to which they are exposed. FISMA requires federal agencies to perform C&A on information systems every three years or whenever systems are significantly modified.

To qualify for the Certification and Accreditation Professional (CAP) credential, a person must have two years of direct experience doing C&A work. The person must also pass a CAP exam and subscribe to the consortium's code of ethics, according to the announcement.

Consortium officials said that W. Hord Tipton, chief information officer at the Interior Department, and Jane Scott Norris, chief information security officer at the State Department, were in the first group who passed the CAP exam. State’s security experts helped (ISC)2 develop the certification exam.

To maintain their CAP credential, security employees must earn 60 hours of continuing education credits every three years, pay annual maintenance fees and abide by the consortium's code of ethics, (ISC)2 officials said.

Featured

  • Comment
    Pilot Class. The author and Barbie Flowers are first row third and second from right, respectively.

    How VA is disrupting tech delivery

    A former Digital Service specialist at the Department of Veterans Affairs explains efforts to transition government from a legacy "project" approach to a more user-centered "product" method.

  • Cloud
    cloud migration

    DHS cloud push comes with complications

    A pressing data center closure schedule and an ensuing scramble to move applications means that some Homeland Security components might need more than one hop to get to the cloud.

  • Comment
    Blue Signage and logo of the U.S. Department of Veterans Affairs

    Doing digital differently at VA

    The Department of Veterans Affairs CIO explains why digital transformation is not optional.

Stay Connected

FCW INSIDER

Sign up for our newsletter.

I agree to this site's Privacy Policy.