National Security Agency and the International Information Systems Security Certification Consortium will continue their partnership on the Certification and Accreditation Professional and Systems Security Certified Professional certificates.
The National Security Agency has signed a four-year, indefinite delivery/indefinite quantity contract with the International Information Systems Security Certification Consortium Inc. to provide enterprisewide testing programs for Certification and Accreditation Professional (CAP) and Systems Security Certified Professional (SSCP) certificates.
The contract represents the next phase in NSA's ongoing training efforts. In 2004, NSA asked the consortium, based in Palm Harbor, Fla., to provide an on-site education program for employees seeking the company's Certified Information Systems Security Professional (CISSP) credential. In 2006, the company began providing NSA an expanded program of on-site review and testing services for the Information Systems Security Engineering Professional (ISSEP) credential'an engineering concentration for the CISSP credential originally developed by the two organizations in partnership'to establish an additional level of knowledge and expertise tailored to U.S. national security.
Under the terms of the contract, as many as 200 NSA information security professionals each year will receive test books and course materials, and go through on-site review, post-seminar assessment and certification testing for the SSCP and CAP credentials. The agency schedules the on-site courses and exams; employees do not individually register, nor do they attend courses or exams held in public venues.
The value of the contract was not released.
NSA has requested that the consortium extend the two-day ISSEP course to a four-day format, which also will be available upon request for other federal agencies and private-sector organizations. The ISSEP is designed for advanced information security/assurance/risk management professionals who have demonstrated mastery of systems security engineering, technical management, certification and accreditation, and information assurance regulations.
The NSA is now running a continuous program scheduled to continue through 2010. The certification programs covered by the contract are part of the agency's overall goal of professionalizing their information security and engineering workforces.