Certified Information Security Professional is a national certification implemented by China Information Security Product Evaluation and Certification Center, which recognizes the professional qualifications of information security personnel.
This certificate is a professional qualification certificate issued for information security professionals responsible for the construction, operation, maintenance and management of information systems in information security enterprises, information security consulting services, information security assessment agencies, government agencies, social organizations, universities and enterprises.
This certificate is a set of information security talent system strategy established and developed by China Information Security Evaluation Center to meet the urgent needs of all sectors of society for professional security talents. It has been used as a professional certification qualification since 2002.
Registered information security professionals, according to the actual job needs, CISP is divided into two categories, namely "registered information security engineer" or "registered information security manager" or "CISO", in which CISE is mainly engaged in information security technology development and service engineering construction, and CISO is engaged in information security management and other related work.
These three types of registered information security professionals are necessary professional posts for information security enterprises, information security consulting services, information security assessment institutions, social organizations, organizations, enterprises and institutions, and technical departments (including standardization departments) related to information system (network) construction, operation and application management.
Its basic function is to provide technical support for information system security, and its professional qualification and ability have been registered by China Information Security Evaluation Center.
In CISP's knowledge architecture, * * * includes five knowledge categories: information security overview, information security technology, information security management, information security engineering and information security standards and regulations.
Each knowledge class is divided into multiple knowledge bodies according to its logic, each knowledge body contains multiple knowledge domains, and each knowledge domain consists of one or more knowledge subdomains.