Hi David,
You are so right! Thanks for clarifying this.
Regards,
Serge
-----Message d'origine-----
De : David Harley [mailto:david.a.harley gmail.com]
Envoyé : mardi 15 août 2006 12:17
À : psrcsecurityfocus.com
Objet : RE: The Institute of Information Security
Professionals
> This is NOT another CISSP or CISM or XXXXX. The idea is
to devlelop
> a criteria for membership that is not just reading a
book. It is
> based on a combination of things such as experience,
> fellow industry practioners vouching for your
competence etc.
Please. Both these certifications include testing by
examination,
requirements for a minimum length of relevant working
experience,
adherence to a code of conduct, and an ongoing programme of
professional development. CISSP certification also requires
endorsement by an infosec professional in good standing.
There's
a place for IISP, but it's not particularly innovative in
these
areas.
It's by no means impossible for the holder of such
certifications
to be incompetent (the same is true of IISP members), or for
the
cert to be used as an inappropriate criterion for selection.
But to
dismiss the certifications as "just reading a
book" is an insult
to the many hardworking professionals who've gained them
through
hard work and years of experience.
--
David Harley
Security Author & Consultant
Small Blue-Green World
|