Institute of Information Security Professionals


The Institute of Information Security Professionals is an independent, non-profit body governed by its members, with the principal objective of advancing the professionalism of information security practitioners and thereby the professionalism of the industry as a whole.
The primary aim of the institute is to provide a universally accepted focal point for the information security profession.

Overview

The Institute of Information Security Professionals has a membership representing over 8,000 individuals globally throughout Industry, Academia and Government.
IISP has offices in Evesham, Worcestershire and Southwark, London. The institute's HQs are based in Evesham, close to the cyber-hubs of Cheltenham and Malvern.
The institute is run by its members and has an elected board of directors with Dr Alastair MacWillson as the chairman.

Activities

One of its main activities is to act as an accreditation authority for the industry. As part of the government's investment in cyber security, the IISP consortium has been appointed by NCSC to provide certification for UK government Information Assurance professionals. The consortium has been awarded a licence to issue the CESG Certified Professional mark based on the Skills Framework, as part of a certification scheme driven by NCSC, the IA arm of GCHQ.
Full membership of the institute is information security's professional standard and endorses the knowledge, experience and professionalism of an individual in this field. The award of membership levels is competency-based which sets it apart from purely knowledge-based qualifications and is awarded to those professionals who demonstrate breadth and depth of knowledge, and substantial practical experience.

Regional branches

The IISP has a number of regional branches which are developed for its members:
Branch Locations:

History

Based in London, United Kingdom, the institute was established in 2006 by information security professionals. In 2007, the institute developed the IISP Skills Framework. This framework describes the range of competencies expected of information security and information assurance professionals in the effective performance of their roles. It was developed through collaboration between both private and public sector organisations and academics and security leaders.
In 2012, as part of the government's investment in cyber security, the IISP consortium were appointed by NCSC to provide certification for UK government information assurance professionals. The IISP defined a set of information security skills and skill levels and these skill definitions have been supplemented by NCSC to enable certification bodies to make formal assessments, and others to make informal assessments against the IA skill levels.