ABSTRACT
The Information Systems Security Engineering
Professional (ISSEP) credential was developed as an
advanced area of concentration to the Certified
Information Systems Security Professional (CISSP) cre-
dential by the International Information Systems Security
Certification Consortium (ISC)2 in 2004. The ISSEP certi-
fication was sponsored by the U.S. National Security
Agency (NSA) and developed by (ISC)2.[1]
This advanced concentration provides an invaluable
tool for any systems security engineering professional.
CISSP-ISSEP Common Body of Knowledge (CBK)[1]
is the guide for incorporating information systems security
into projects, applications, business processes, and infor-
mation systems. The ISSEP security professional is
expected to understand and use systems security engineer-
ing (SSE) methodologies and best practices to integrate
security into all facets of information systems development
and business operations. The SSE model used in the ISSEP
concentration is based on the Information Assurance
Technical Framework (IATF) SSE model and is a guiding
light in the field of information security for the incorpora-
tion of security into information systems.