CESG adopts IISP skills framework for Information Assurance

The CESG – Communications Electronics Security Group – is the branch of GCHQ which works to secure the communications and information systems of the government and critical parts of UK national infrastructure.

According to the IISP, this is further recognition that professional skills are required of the employees who design and assure the security of information systems.

Under the agreement between the two organisations, the plan is for the skills framework to become the basis for measuring the competence of information assurance professionals involved in the delivery of public sector services.

According to the IISP, the agreement allows the CESG to supplement the framework as necessary to better enable its application across the public sector.

Plans call for the IISP to continue to provide its own associate and full member (M.Inst.ISP) accreditation for information security and assurance professionals across the full skills framework.

The institute says it will also continue to operate the related Infosec Training Path and Competencies scheme (ITPC) accreditation process on behalf of the UK government.

Announcing the framework exchange, Professor Paul Dorey, chairman of the institute, said: "The criticality of risks to information systems has taken us beyond the stage where security skills can be just picked up by chance."

"We see increasing numbers of companies, and now government departments, requiring certification of professional competence, just like engineers and doctors", he added.

Over at the CESG, Chris Ensor, the head of professional, said: "The IISP skills framework is an excellent foundation on which to build and measure information assurance competence across the public sector.

"We will now use it to formalise IA roles and as the basis for organisations to certify people, education and training", he added.

What’s hot on Infosecurity Magazine?