Guide to information security qualifications
Formal information security certifications are essential for the career development of any information security professional. The most widely recognised include IBITGQ, ISACA, (ISC)² and BCS qualifications.
Details of examining bodies are provided below, together with links to our relevant information security training courses, official study guides and books.
IBITGQ – International Board of IT Governance Qualifications
IBITGQ awards internationally recognised certificates to candidates who have completed and passed an IBITGQ approved examination.
IBITGQ qualifications currently include:
For further information, please see the IBITGQ website.
(ISC)² – International Information Systems Security Certification Consortium
(ISC)² is a not-for-profit organisation that developed the information security common body of knowledge (CBK) and a certification programme for information systems security professionals.
The six key (ISC)² qualifications are:
- CISSP - Certified Information Systems Security Professional (Official (ISC)² Guide to the CISSP CBK, Second Edition)
- CISSP Concentrations (x3):
- ISSAP - Information Systems Security Architecture Professional
- ISSEP - Information Systems Security Engineering Professional
- ISSMP- Information Systems Security Management Professional
- CAP - Certification and Accreditation Professional
- SSCP - Systems Security Certified Practitioner
CISSP – Certified Information Systems Security Professional
The CISSP certification provides information security professionals with an objective measure of competence and a globally recognised standard of achievement. The CISSP credential suits mid and senior-level managers working toward or have already attained positions as CISOs, CSOs or Senior Security Engineers.
CISSP Concentrations
For experienced information security professionals with an existing (ISC)² qualification in good standing, (ISC)² Concentrations demonstrate in-depth knowledge of a subject area.
- ISSAP Concentration in Architecture
- ISSEP Concentration in Engineering
- ISSMP Concentration in Management
CAP – Certification and Accreditation Professional
The CAP credential is for security professionals involved in certification and accreditation. This qualification supports individuals who formalise processes used to assess risk, establish security requirements, and ensure information systems have appropriate security controls in place to reduce exposure to potential risk.
SSCP – Systems Security Certified Practitioner
The SSCP certification is for information security technicians who have implementation experience. The SSCP credential is ideal for those working toward or who have already attained positions as Senior Network Security Engineers, Senior Security Systems Analysts or Senior Security Administrators.
BCS – British Computer Society
The British Computer Society (BCS) is the UK's Chartered Institute for IT. Through the BCS Professional Certifications portfolio (formally known as ISEB), the BCS provides industry-recognised qualifications that measure competence, ability and performance in information security and related topics.
The key BCS Professional Certification qualifications include:
- Certificate in Information Security Management Principles (CISMP)
- Certificate in Freedom of Information
- Certificate in Information Assurance Auditing
- Certificate in Information Assurance Compliance
- Certificate in Information Systems Security Management
- Certificate in Security and Information Risk Consultancy
- Certificate in Security Architecture
CISMP – Certificate in Information Security Management Principles
The CISMP qualification, based on ISO27001, provides a base level of knowledge for individuals who are thinking of moving into a security or a security-related function. It also offers those in a role with security responsibility an opportunity to enhance or refresh their knowledge.
IT Governance offers a dedicated CISMP training course Certificate in Information Security Management Principles and the supporting course textbook Information Security Management Principles: An ISEB Certificate.