IT Security Certifications are becoming more and more popular and necessary as the job economy becomes tougher. IT Security Professionals are trying to distance themselves from their competition while companies are looking for the best and brightest in the field. Below are some of the certifications I am researching for a bigger IT Security Certifications project.
CCSA -- Certification in Control Self-Assessment
The CCSA demonstrates knowledge of internal control self-assessment procedures, primarily aimed at financial and records controls. This cert is of primary interest to those professionals who must evaluate IT infrastructures for possible threats to financial integrity, legal requirements for confidentiality and regulatory requirements for privacy.
Source: Institute of Internal Auditors
CFE -- Certified Fraud Examiner
The CFE demonstrates ability to detect financial fraud and other white-collar crimes. This cert is of primary interest to full-time security professionals in law, law enforcement or those who work in organizations with legal mandates to audit for possible fraudulent or illegal transactions and activities (such as banking, securities trading or classified operations).
Source: Association of Certified Fraud Examiners
CFSA -- Certified Financial Services Auditor
The CFSA identifies professional auditors with thorough knowledge of auditing principles and practices in the banking, insurance and securities financial services industries. Candidates must have a four-year degree or a two-year degree with three years of experience in a financial services environment, submit a character reference and show proof of at least two years of appropriate auditing experience. To obtain this certification, candidates must pass one exam.
Source: The Institute of Internal Auditors
CGAP -- Certified Government Auditing Professional
The CGAP identifies public-sector internal auditors who focus on fund accounting, grants, legislative oversight and confidentiality rights, among other facets of internal auditing. Candidates must have an appropriate four-year degree or a two-year degree with five years of experience in a public-sector environment, submit a character reference and show proof of at least two years of direct government auditing experience. To obtain this certification, candidates must pass one exam.
Source: The Institute of Internal Auditors
CIA -- Certified Internal Auditor
The CIA cert demonstrates knowledge of professional financial auditing practices. The cert is of primary interest to financial professionals responsible for auditing IT practices and procedures, as well as standard accounting practices and procedures to ensure the integrity and correctness of financial records, transaction logs and other records relevant to commercial activities.
Source: Institute of Internal Auditors
CISA -- Certified Information Systems Auditor
The CISA demonstrates knowledge of IS auditing for control and security purposes. This cert is of primary interest to IT security professionals responsible for auditing IT systems, practices and procedures to make sure organizational security policies meet governmental and regulatory requirements, conform to best security practices and principles, and meet or exceed requirements stated in an organization's security policy.
Source: Information Systems Audit and Control Association
ECSP -- EC-Council Certified Secure Programmer
The ECSP identifies programmers who can design and build relatively bug-free, stable Windows- and Web-based applications with the .NET/Java Framework, greatly reducing exploitation by hackers and the incorporation of malicious code. Candidates must attend a Writing Secure Code training course and pass a single exam.
Source: EC-Council
Security5
Security5 certification identifies non-IT office workers and home users who understand Internet security terminology, know how to use defense programs such as antivirus and antispyware applications, can implement basic operating system security and follow safe Web and e-mail practices. Candidates must attend a two-day course and pass one exam.
Source: EC-Council
Thursday, November 13, 2008
Monday, May 19, 2008
NCAC May 2008 Monthly Meeting

For those of you in the Washington, DC area:
Don't Miss Out! There are still seats available to the NCAC's NCAC May 2008 Monthly Meeting on Wednesday, May 21, 2008. The topic this month is Federal IT Governance: An Integrated Approach. The agenda for this full-day meeting is:
* Update on the current activities of the FISMA Implementation Project at NIST, presented by Dr. Ron Ross, Senior Computer Scientist, NIST
* Secure Content Automation Protocol Implementation Project, presented by Alfred Ouyang, Mitre
* Incident Response requirements for privacy breaches, presented by Benjamin Bergersen, U.S. NAVY SPAWAR
* Security in the Future, Jerry Davis, Deputy CIO, NASA
Note, the agenda has changed slightly, due to changes in speaker schedules. Registration begins at 9:30AM.
This is a great opportunity to earn 6 hours of CPE at a great value. For those who are affected by FISMA, this is a must attend event!
You still have time to register in advance! Advance registration will close at 3PM on Monday, May 19th. If there are spaces available, walk-up registration will be available, though with an additional charge.
For additional information on this meeting, including location and cost, visit http://www.isaca-washdc.org/events/monthly/monthly-May2008.htm.
To register, please click the link below, view the invitation, and click YES to begin the registration process.
http://guest.cvent.com/i.aspx?1Q,P1,4C6C4F8C-F0AF-4D08-B482-06A1992CE1CD
Sincerely,
NCAC Monthly Meeting Reservations Committee
ISACA® National Capital Area Chapter
Sunday, May 18, 2008
CISA and CISSP Information
Below is some security information that will help you with the CISA and CISSP certifications.
Understanding the Threat
- Protecting information assets is a significant challenge for IT Security Professionals
- To protect information assets IT Security Professionals must use:
- Administrative Controls
- Physical Controls
- Technical Controls
Reasons for Security Issues
o Each network & computing technology has inherent security problems.
• Configuration Weaknesses
o Even the most secure technology can be misconfigured exposing security problems.
• Policy Weaknesses
o A poorly defined, implemented or managed security policy can make the best security infrastructure open for abuse.
Security Definitions
• Threats
o A threat is any potential danger to information or systems
• Vulnerabilities
o A vulnerability is a software, hardware or procedural weakness that may provide an attacker a way to access information or systems.
• Attacks
o An attack is a technique used to exploit a vulnerability.
Labels: CISA, CISM, CISSP, Security Terms
Friday, May 16, 2008
The Certified Information Systems Auditor (CISA) Exam Study Tips

So with that in mind, I will be providing some assistance to those of you that will be taking the exam. I have produced some notes and slides that should give you that extra edge in the exam. Good luck in June and I will do everything I can to assist.
Labels: CISA, Security Certifications
Thursday, March 27, 2008
Become CISA or CISM Certified in 2008
ISACA has asked me, as a proud ISACA credential holder, to pass along this message. We thought you might be interested in joining the ranks of more than 55,000 audit, control and security professionals who already hold the CISA designation, and more than 8,000 information security management professionals who are CISMs. As I have already experienced, certification increases your standing in your organization and makes you highly desirable to potential employers.
If you are seeking worldwide recognition for your unique IT audit, assurance or security experience and knowledge and want to distinguish yourself from others in your profession, then it is time to pursue a certification from ISACA.
For 30 years, the Certified Information Systems Auditor™ (CISA®) credential has been preferred by individuals and organizations around the world. More than 55,000 audit, control and security professionals have achieved this globally accepted standard since 1978.
Since 2002, the Certified Information Security Manager® (CISM®) has defined the role of professionals who have information security management responsibilities. ISACA has certified more than 8,000 CISMs to date.
Independent surveys by Foote Partners and Certification Magazine have named both CISA and CISM among the highest-paying certifications; each program is also accredited under ISO/IEC 17024 for its credentialing procedures and adherence to rigorous standards of performance.
Register online today at www.isaca.org/examreg. Don’t wait and miss the 9 April deadline!
For those seeking recognition for IT governance related knowledge and experience, ISACA is now accepting applications for our new credential, Certified in the Governance of Enterprise IT™ (CGEIT™). It is designed for professionals who have management, advisory and/or assurance responsibilities relating to the governance of IT. For more information on CGEIT and how to earn certification without taking an exam through the grandfathering provision, please visit www.isaca.org/cgeit.
Note: Because of the extreme popularity of the CISA and CISM credentials the online registration process accepts payments and is the preferred method for submitting exam registrations. Those who wait until the final deadline date may experience heavy registration volume, and we ask for your patience.
Anyone seeking additional information is encouraged to please visit the ISACA web site at www.isaca.org/certification or contact the certification department, call +1.847.660.5660; or e-mail certification@isaca.org.
Thank you,
ISACA Certification Department
About ISACA
With more than 65,000 members in 140 countries, ISACA (www.isaca.org) is a recognized worldwide leader in IT governance, control, security and assurance. Founded in 1969, ISACA administers the CISA, CISM and CGEIT designations; sponsors international conferences; publishes the Information Systems Control Journal; and develops international information systems auditing and control standards.

