ISSEP: Information Systems Security Engineering Professional

The Information Systems Security Engineering Professional (ISSEP) credential was developed as an advanced area of concentration to the Certified Information Systems Security Professional (CISSP) credential by the International Information Systems Security Certification Consortium (ISC)² in 2004. This advanced concentration provides a systems security engineering professional with the tools needed to develop secure systems using the CISSP-ISSEP Common Body of Knowledge (CBK^®) as a guide for incorporating systems security engineering (SSE) into projects, applications, business processes, and information systems. The ISSEP security professional understands the SSE methodologies and best practices to integrate security into all facets of information systems, being development as well as business operations. The ISSEP certification was sponsored by the U.S. National Security Agency (NSA) and developed by (ISC)². There are four domains and six process steps that make up the content of the ISSEP certification. The domains include Information Systems Security Engineering, Technical Management, Certification and Accreditation, and U.S. Government Information Assurance Regulations. The six process steps include discover the information protection needs; define the system security requirements; define system security architecture; develop detailed security design; implement the design; and continuously assess the effectiveness of the security services, features, and functionality. The entry goes on to discuss the certification examination, recertification considerations and provides an explanation of how to earn the Continuing Professional Education (CPE) to maintain the certification.