1. Within 30 days before the expiration of the validity period of the certificate, an application for renewal of the certificate shall be filed.
2. Having completed at least three complete information security service and information security service projects refers to the design, implementation, testing, operation and maintenance of information security projects and related consulting and training activities. Specific forms include:
Security engineering: design, construction, verification, operation and maintenance of information system security scheme; Security testing and monitoring: conduct security testing on the existing information security system, and adjust, supplement and delete the overall protection equipment (including hardware, software, firmware and components responsible for implementing security policies, etc.). ); Monitor the information system and make a security commitment;
Security-related construction: adjust, add and delete the external facilities of the information security system (including communication lines, links, channels/hidden channels, protected buildings and signs, etc.). );
Security consultation and education: engaging in information system security consultation, training and publicity, including proposing and formulating information system security plans or services stipulated in security management and operation in written form, and publicizing and disseminating security knowledge in public or in the media; Information system security activities and policy formulation; Engaged in information system security education;
Scheme testing: paid or unpaid activities to test and verify a security product and security scheme (such as algorithm) in the existing information security system;
Other services: other services or technical activities that may affect the security performance of information systems.
3. Comply with the code of conduct for registered information security professionals.
Free CISP learning materials and knowledge map: /CISP/XZL/N 125.html? fcode=h 1000026