ISO approves information security credential

A credential for information security engineers has received accreditation from the International Organization for Standardizations (ISO), the International Information Systems Security Certification Consortium said today.

Lynn McNulty, director of government services at (ISC)2, said the American National Standards Institute accredited the Information Systems Security Engineering Professional credential. ANSI is the U.S. branch of ISO.

ISSEP now complies with the ANSI/ISO/International Electrotechnical Commission 17024 standard. That standard sets internationally recognized benchmarks for the educational principles and integrity of examination processes and the organizational structure of credentialing organizations, McNulty said.

ISSEP is an extension of (ISC)2’s Certified Information Systems Security Professional certification, he said. The CISSP-ISSEP certification provides extra training in four areas of information security engineering that the standard CISSP certification does not include.

The latest accreditation will allow more DOD workers to have the ISSEP credential, McNulty said, adding that DOD Directive 8570.1 requires all department employees to have credentials with ANSI 17024 accreditation.

Organizations can be confident that credentialed employees or job applicants have the appropriate technical and managerial credentials in information assurance, McNulty said.

(ISC)2 intends to talk to DOD about changing Directive 8570.1 to include ISSEP, McNulty said. ISSEP already meets the standard and DOD officials have said they would add more accreditations in the future.

(ISC)2 developed the ISSEP certification with the National Security Agency, but the credential is relevant across the national security domain, McNulty said.

(ISC)2’s accomplishment is important because only about 1 percent of more than 3,000 certification bodies are accredited by third parties such as ANSI, said Roy Swift, ANSI’s program director for certification accreditation.

Accreditation lends credibility to certification programs as it does to colleges and universities, Swift said.

ISSEP is the third (ISC)2 certification to get ISO 17024 certification, Swift said. Its CISSP and Systems Security Certified Practitioner certifications also comply.


  • People
    Federal CIO Suzette Kent

    Federal CIO Kent to exit in July

    During her tenure, Suzette Kent pushed on policies including Trusted Internet Connection, identity management and the creation of the Chief Data Officers Council

  • Defense
    Essye Miller, Director at Defense Information Management, speaks during the Breaking the Gender Barrier panel at the Air Space, Cyber Conference in National Harbor, Md., Sept. 19, 2017. (U.S. Air Force photo/Staff Sgt. Chad Trujillo)

    Essye Miller: The exit interview

    Essye Miller, DOD's outgoing principal deputy CIO, talks about COVID, the state of the tech workforce and the hard conversations DOD has to have to prepare personnel for the future.

Stay Connected


Sign up for our newsletter.

I agree to this site's Privacy Policy.