The Information Systems Security Association, commonly known as ISSA, is an international, nonprofit organization for information security professionals.
Founded in 1984, ISSA aims to promote the sharing of information security management practices through educational forums, publications and networking opportunities among security professionals. Members of ISSA include both new and experienced security practitioners who work in a variety of fields, such as healthcare, finance and government.
ISSA's goals are to promote security education and skills development, encourage free information exchanges, communicate current events within the security industry and help express the importance of security controls to enterprise business management.
Members of ISSA are required to uphold a code of ethics. This code mandates that members:
- "Perform all professional activities and duties in accordance with all applicable laws and the highest ethical principles;
- Promote generally accepted information security current best practices and standards;
- Maintain appropriate confidentiality of proprietary or otherwise sensitive information encountered in the course of professional activities;
- Discharge professional responsibilities with diligence and honesty;
- Refrain from any activities which might constitute a conflict of interest or otherwise damage the reputation of or is detrimental to employers, the information security profession, or the Association; and
- Not intentionally injure or impugn the professional reputation or practice of colleagues, clients, or employers."
ISSA holds an annual international conferences, as well as regular chapter meetings and seminars for members. There are various membership tiers available for different annual fees.