Certification

Certification

"The professional can function effectively in the capacity of a CISO, CCO by tackling the challenge of Information Security as a business concern that is not solved by technology alone, but by People, Process and Technology."

The HISP Examination has been developed through the join effort of strategic partners and the HISP Certification Board, which is represented by a number of CISOs, ISOs, and Technology Risk Management Directors from major companies.

Endorsed by British Standards Institute (BSI) Americas, the world’s leading standards and certification organization, the HISP certification course is the only educational curriculum available today that teaches how to integrate ISO 27002/27001 with COBIT, COSO, ITIL, and multiple regulatory requirements pertaining to information security and privacy

Since its launch in March 2005, this unique certification course has been promoted by local chapters of ISSA (Information Systems Security Association) and ISACA (Information Systems Audit and Control Association) and this class earns 35 CPE's for each attendee.

The HISP Certification is being administered from the Holistic Information Security Practitioner (HISP) Institute (HISPI) that is an independent certification organization consisting of volunteers that are true information security practitioners, such as Chief Information Security Officers (CISOs), Information Security Officers (ISOs), Information Security Managers, Directors of Information Security, Security Analysts, Security Engineers and Technology Risk Managers from major corporations and organizations.

The HISP designation means that:

  • The professional has a good grounding in International best practices for Information Security & Audit Governance as well as general IT Governance i.e. ISO 27002, ITIL, CobiT and COSO.
  • The professional takes a Holistic risk management approach to Information Security.
  • The professional is a hybrid Information Security professional, well balanced between technical and business skills.
  • The professional can function effectively in the capacity of a CISO, CCO by tackling the challenge of Information Security as a business concern that is not solved by technology alone, but by People, Process and Technology.
  • The professional is able to map International best practices of IS0 27002, ITIL, CobiT and COSO to current and future regulatory compliance requirements

Steps to earn HISP certification

The first step forwards certification is to attend a public or private Holistic Information Security Practitioner (HISP) class. The candidate will then need to pass the HISP certification examination administered on the final day of the class, shortly after lunch break.

The HISP Examination consists of 100 multiple-choice questions and is now closed book; the time allotted is strictly 2 hours.

The questions are taken from the slides in the HISP courseware. Roughly 80% of the questions are based on the ISO 27002 section of the HISP course curriculum and the remaining 20% focused on the rest of the HISP course curriculum.

Currently, to pass the HISP examination, you must achieve a score of 75%.

Attendees who pass the HISP certification examination will receive an e-mail notification within 2 weeks of taking the examination and if successful, will receive their HISP certificate within 2 weeks of receiving this e-mail notification.

This certification course is positioned to become a differentiator amongst other industry leading certifications, because it proactively addresses a very critical gap in the market.

The HISP certification is complementary to other existing, recognised security certifications such as CISSP, CISA, ISM, and CFA. In undertaking HISP the security practitioner also gains 35 CPE points to help maintain their other qualifications.

The matrix below illustrates how the HISP Curriculum encompasses domains found in CISSP, CISM and CISA:

Attendees can choose to take the HISP Examination on the final day of the HISP Training. There is a separate Examination fee of $499 payable to the HISP Institute for students that intend to pursue to take the HISP Examination on the final day of the class.

The following rules apply for the HISP Examination:

  • The HISP Examination is not an open book examination and standard examination rules apply
  • The HISP Examination notification results are sent out by the HISP Institute. New certification maintenance requirements may be provided by the HISP Institute in the near future.

After successfully completing the course and passing the exam, participants will receive a certificate that reads-"Holistic Information Security Practitioner." issued by the HISP Insitute.