The ISF, an independent, not-for-profit organization, provides a trusted and confidential environment for its member organizations to share in-depth knowledge and practical experience. To that end, it has produced an extensive library of research, benchmarks and standards that address systems and information risk management, security challenges and privacy issues that impact business.
Typically ISF maintains a closed library for its corporate members, but through the collaboration will make its research and repository of case histories available to (ISC)²’s examination and course development teams as well.
The result, they expect, will be to enhance the global applicability of (ISC)²’s cybersecurity professional certifications and courses, giving them access to experiential research, particularly in the topic area of privacy.
(ISC)² certifications are based on the (ISC)² CBK, a collection of global information security topics, which is developed and maintained through on-going polling of the organization’s more than 87,000 certified members around the world. To confirm its relevance to real-world scenarios and eligibility for the CBK, (ISC)² validates the knowledge gained through this process with its membership and credible external sources.
“An organization that has developed on a similar ethos to our own, (ISC)² has set the benchmark for professional practice in information security,” said Michael de Crespigny, the ISF’s CEO. “As the security landscape moves from an emphasis on securing systems and infrastructure towards one that is much more dependent on individual and corporate competencies, we welcome the opportunity to work collaboratively to support the development of a collective knowledge base [that] professionals can all draw from.”
In addition to topic-focused research, the ISF library’s repository of case histories offers the opportunity to build in realistic and interactive, scenario-based questions in the examinations, facilitated by the move in September of this year to administer all examinations through computer-based testing. The writing team will gain access to the repository during development workshops through (ISC)²’s new Learning Management System (LMS), which will allow workshop participants from around the world to collaborate.
“(ISC)² is committed to increasing the level of scenario-based content in the examinations, which calls for test-takers to demonstrate their ability to make judgment calls, a core competency for information security professionals today,” said W. Hord Tipton, executive director of the (ISC)². “Through this agreement, we also have strengthened our ability to support a global viewpoint on issues such as privacy, where laws tend to be very regional or country-specific.”