Problem solve Get help with specific problems with your technologies, process and projects.

Certification snapshot -- ICSA

SearchSecurity certification expert Ed Tittel gives the low-down on ICSA.

Certification snapshot -- ICSA

By Ed Tittel

On December 18, I wrote a tip entitled "Psst! Hear about the new series of security certifications?" It covered the various International Computer Security Association (ICSA) certifications that TruSecure is in the process of defining and delivering to the public this year. In this tip, I'd like to revisit that topic and take a closer look at their entry-level certification -- the ICSA Certified Security Associate, or ICSA credential. For clarity, I call the parent organization the ICSA in this tip; I will always use the word certification when I'm talking about the ICSA certification itself.

First, I feel obligated to mention that I'm an invited member of the ICSA Practitioner Security Certifications Oversight Board, the group that collectively sets policy and topics for these exams. It's a volunteer job, and I'm honored to be included with the likes of Fred Avolio (also a SearchSecurity columnist), Marcus Ranum, Tina Darmohray and many other security luminaries. Despite my own involvement with this program, I feel it's worth watching and learning more about.

What I like about the ICSA certification is that it involves considerably more than just passing a test pulled from a bank of test questions, based on a published set of exam objectives. For example, here are some of its other requirements:

  • Applicants must sign a document that binds them to uphold a formal code of ethics extensively documented by the ICSA that covers everything from privacy to standards of professional conduct.

  • Applicants must have either two years of demonstrable, security-related work experience or 50-plus hours of security-related classroom training, drawn from courses deemed acceptable by the ICSA.

    Of course, there is a test ($295 as of this writing, with discounts available to students and recent graduates), that one must pass to obtain an ICSA certification. But I like the idea that it occurs in the context of an experience or training requirement, as well as within a published canon of ethics.

    The list of technical requirements that an ICSA Certification candidate must master is a little too long to recount here (you'll find it in the first URL in the two that end this tip. Suffice it to say that the ICSA is on a par with other top-of-the-line entry-level security certifications on the market today, including CISSP, SANS introductory classes and so forth.

    Read more about this new program at the ICSA Security Practitioner Certifications Web page or the Certification Requirements Web page.

    About the author:

    Ed Tittel is a principal at LANWrights Inc., a content development company based in Austin, Texas, and the creator of the Exam Cram series. He has worked on numerous certification titles on Microsoft, Novell, CIW and Sun-related topics, and is working on several security certification books for delivery in 2001. You can reach him at

  • This was last published in March 2001

    Dig Deeper on Security industry certifications

    Start the conversation

    Send me notifications when other members comment.

    By submitting you agree to receive email from TechTarget and its partners. If you reside outside of the United States, you consent to having your personal data transferred to and processed in the United States. Privacy

    Please create a username to comment.