Information Systems Security Association

Type: 501(c)(6)
Tax ID no.: 32-0378586 [1]
Headquarters: Woburn, MA
Website: www.issa.org

Information Systems Security Association (ISSA) is a not-for-profit, international professional organization of information security professionals and practitioners. It was founded in 1984 after work on its establishment started in 1982. [2] ISSA promotes the sharing of information security management practices through educational forums, publications and networking opportunities among security professionals.

ISSA members and award winners include many of the industry’s notable luminaries and represent a wide range of industries – from communications, education, healthcare, manufacturing, financial and consulting to IT as well as federal, state and local government departments and agencies. [3]

The association publishes the ISSA Journal, [4] a peer-reviewed publication on the issues and trends of the industry. It also partners with ESG (Enterprise Strategy Group) to release a yearly research report, "The Life and Times of the Cyber Security Professional", to examine the experiences of cybersecurity professionals as they navigate the modern threat landscape and the effects it has on their careers. [5]

Organization

Information Systems Security Association has a board of directors that is elected annually by its members and a set of committees that are appointed. The headquarters of ISSA is located in Woburn, Massachusetts.

ISSA International Board of Directors Executive Officers

President: Dr Shawn Murray, C|ISO, CISSP, CRISC, FITSP-A

Vice President: Deb Peinert, CISSP-ISSMP

Secretary/Director of Operations: Betty Burke

Treasurer/Chief Financial Officer: Pamela Fusco, CISSP

Membership

ISSA has an international membership base.

Goals

The primary goal of the ISSA is to promote management practices that will ensure the confidentiality, integrity and availability of information resources. The ISSA facilitates interaction and education to create a more successful environment for global information systems security and for the professionals involved. ISSA's goals are to promote security education and skills development, encourage free information exchanges, communicate current events within the security industry and help express the importance of security controls to enterprise business management. [6] [7]

Code of ethics

Applicants for membership are expected to be bound by principles of ethics related to the information security career. [8] [9]

Applicants for ISSA membership attest that they have and will:

International presence

ISSA is present in more than one hundred countries, including countries in Europe and Asia, and has more than 10,000 members.


References

  1. "Charity Navigator - Unrated Profile for INFORMATION SYSTEMS SECURITY ASSOCIATION". Charity Navigator. Retrieved 14 February 2019.
  2. "Sandra Lambert chats with Selena Templeton about founding ISSA in the early '80s". Retrieved 14 February 2019 via soundcloud.com.
  3. "ISSA International Award Winners". ISSA. Information Systems Security Association. Retrieved 23 December 2020.
  4. "Information Systems Security Association Journal". www.issa.org. Retrieved 23 December 2020.
  5. Enterprise Strategy Group. "ESG Research - The Life and Times of Cybersecurity Professionals". www.esg-global.com. Retrieved 23 December 2020.
  6. "About ISSA". ISSA. Information Systems Security Association. Retrieved 23 December 2020.
  7. Kovacich, Gerald L. (19 August 2003). The Information Systems Security Officer's Guide: Establishing and Managing an Information Protection Program. Butterworth-Heinemann. p. 311. Retrieved 14 February 2019 via Internet Archive.
  8. "ISSA Code of Ethics". ISSA. Retrieved 23 December 2020.
  9. "What is ISSA (Information Systems Security Association)? - Definition from WhatIs.com". SearchSecurity. Retrieved 14 February 2019.
  10. "ISSA Code of Ethics". Retrieved 23 December 2020.