Cisaw is introduced as follows:
CISAW is the initial combination of English certified information security assurance worker and Chinese is "information security personnel certification".
CISAW is a certification system for information security personnel at different levels established by China Information Security Certification Center after six years, aiming at different professional technical directions, application fields and security posts of information security, and according to the international standard ISO/IEC 17024 "General Requirements for Personnel Certification Institutions", which is participated by industry experts, enterprise elites, scholars from universities and research institutions.
Certification direction:
CISAW has undergone a brand-new revision, and has established more than 20 certification directions for technical majors and application fields, providing a relatively complete certification system for information security practitioners of different levels and professions.
Certification standard:
1 and range
This standard specifies the professional direction, level and qualification requirements of information security personnel certification. This standard is applicable to the certification examination and certification of information security personnel. This standard does not apply to the registration of registered auditors.
2, normative reference documents
The following documents are essential for the application of this document. For dated reference documents, only dated version is applicable to this document. For undated reference documents, the latest version (including all revisions) is applicable to this document. GB/T 27024 general requirements of certification bodies for qualified assessors
3. Terms and definitions
The following terms and definitions defined in GB/T27024 apply to this document.
3. 1 Information security personnel All personnel engaged in information security-related work, such as organization managers, IT-related technicians and technicians engaged in information security service organizations (including information security product research and development personnel, information security consultants, information security service implementers and overseas service personnel).
3.2 certification professional direction certification professional field is the professional direction divided according to the technical direction of information security, and personnel certification is carried out according to it.
3.3 The applicant for certification has passed the information security personnel certification examination and certification evaluation, and obtained or maintained the information security personnel certification certificate.
3.4 Work Experience All work experience after obtaining the corresponding education, whether paid or unpaid, full-time or part-time, excluding internship experience.