Last week, two leading IT security certification vendors, SANS Global Information Assurance Certification (GIAC) and the International Information Systems Security Certification Consortium [(ISC)2], announced they had come together with another group, the Information Systems Security Association, to approve a common code of ethics for IT security professionals.
Both (ISC)2, known for its flagship Certified Information Systems Security Professional (CISSP) title, and GIAC offer a range of certifications for IT security professionals, and emphasize ethics in their curriculums -- (ISC)2 candidates must sign a code of ethics as part of the credential process.
"This is a crucial step toward the professionalism of information security workers," commented Stephen Northcutt, chairman of the GIAC Board of Directors, in a prepared statement.
According to the announcement of the code, the approval last week was the first step toward possibly creating a larger consortium of organizations approving this code for its members, including ASIS International and the Information Systems Audit and Control Association (ISACA), who offers the Certified Information Systems Auditor (CISA) certification, among others.
The development process is continuing, and the organizations have not said when the code will be applied to their members. The code of ethics itself has yet to be released.
To view the official announcement, go here.