CESG adopts IISP skills framework for Information Assurance

CESG, the National Technical Authority for Information Assurance across the public sector, announces the adoption of the Institute of Information Security Professionals (IISP) skills framework as the basis for its Professional skills and competency framework. This is further recognition that professional skills are required of the professionals who design and assure the security of information systems.

Under the agreement between the IISP and CESG the skills framework will become the basis for measuring the competence of Information Assurance (IA) professionals involved in the delivery of public sector services. The agreement allows CESG to supplement the framework as necessary to better enable its application across the public sector.

The IISP will continue to provide its own Associate and Full Member (M.Inst.ISP) accreditation for Information Security and Assurance Professionals across the full skills framework. The Institute also continues to operate the related Infosec Training Path and Competencies scheme's (ITPC) accreditation process on behalf of the UK government.

Professor Paul Dorey, Chairman of the Institute of Information Security Professionals, said "The criticality of risks to information systems has taken us beyond the stage where security skills can be just picked up by chance. We see increasing numbers of companies, and now government departments, requiring certification of professional competence, just like engineers and doctors."

Chris Ensor, Head of Profession for IA at CESG, said "The IISP skills framework is an excellent foundation on which to build and measure IA competence across the public sector. We will now use it to formalise IA roles and as the basis for organisations to certify people, education and training."