CISSP concentrations are fresh new air flowing around. This exam creating fuzz everywhere even into US Army.

This time i will focus on ISSMP i.e. Information Systems Security Management Professional. This concentration requires that a candidate demonstrate two years of professional experience in the area of management, considering it on a larger enterprise-wide security model. This concentration contains deeper managerial elements such as project management, risk management, setting up and delivering a security awareness program, and managing a Business Continuity Planning program. A CISSP-ISSMP establishes, presents, and governs information security policies and procedures that are supportive to overall business goals, rather than a drain on resources. Typically the CISSP-ISSMP certification holder or candidate will be responsible for constructing the framework of the information security department and define the means of supporting the group internally.

CISSP-ISSMP professionals have a far more well-rounded and complete comprehension of
information security than other popular management credentials.

Domains of ISSMP:

• Security Management Practices
• Systems Development Security
• Security Compliance Management
• Understand Business Continuity Planning (BCP) & Disaster Recovery Planning (DRP)
• Law, Investigation, Forensics and Ethics

CISSP concentrations are fresh new air flowing around. This exam creating fuzz everywhere even into US Army.

This time i will focus on ISSAP i.e. Information Systems Security Architecture Professional. This concentration requires a candidate to demonstrate two years of professional experience in the area of architecture and is an appropriate credential for Chief Security Architects and Analysts who may typically work as independent consultants or in similar capacities. The architect plays a key role within the information security department with responsibilities that functionally fit between the C-suite and upper managerial level and the implementation of the security program. He/she would generally develop, design, or analyze the overall security plan. Although this role may typically be tied closely to technology this is not necessarily the case, and is fundamentally the consultative and analytical process of information security.

Recognition for Advanced Expertise in Information Security Engineering
ISSEP: Information Systems Security Engineering Professional is a new part of the ISC2 CISSP concentration cert. This concentration was developed in combination with the U.S. National Security Agency (NSA) to provide tools for any systems security engineering professional. CISSP-ISSEP is the guide for incorporating security into projects, applications, business processes, and all information systems. Security professionals are hungry for workable methodologies and best practices that can be used to integrate security into all facets of business operations. The four major domains of the CBK covered by CISSP-ISSEP certification are:

• Certification and Accreditation
• Systems Security Engineering
• Technical Management
• U.S. Government Information Assurance (IA) Regulations

How many of CISSP credential holders think that we came up here by studying vast domain on security? Atleast I am. I always think that does it really matter to companies of different field that I am CISSP certified. That make me very specific with my skills.

Fortunately, ISC2 came up with excellent answer. CISSP-CONCENTRATION. They quoted “After the original conception of the CISSP, and the continuous evolution of information security, (ISC)² discovered a need to develop credentials which address the specific needs of our members. With this in mind.” ISC2 developed CISSP Concentrations in the functional areas of:

• Architecture (ISSAP)
• Engineering (ISSEP)
• Management (ISSMP)

CISSP-concentration prove the long awaited proven expertise credentials in specific domain of CISSP certificate holders.

I am sure most of CISSPians out there waiting for this opportunity.

Click here for more information