Yet another IT security qualification is to be launched in New Zealand this year, intended to address the area's increasing specialisation.
The International Systems Audit and Control Association (ISACA), a US non-profit industry body that looks at IT control and governance issues, is introducing its Certificate of Information Security Management, aimed at those involved in all aspects of security management.
The first exams will be run by KPMG in Wellington in June, along with a similar ISACA qualification, the Certified Information Security Manager (CISM).
In August ISACA and KPMG will also stage exams for the broader-based Certified Information Systems Security Professional (CISSP) examination, which was first introduced in New Zealand in 2001.
Alasdair McKenzie, internet security specialist for the New Zealand Computer Society, says security qualifications are increasingly preferred or required by employers. US studies suggest they can boost a security professional's earnings by 10%.
McKenzie likens the qualification to the MCSE of the security world.
"It's not simply a certification; you have to be a practitioner and prove that you have worked in the field for three to five years," he says.
About 30 people sat the quarterly CISSP and Certified Information Systems Auditor (CISA) exams last November. This qualification was launched about 20 years ago.
Together, there are 26,000 CISAs worldwide, including several hundred in New Zealand, and 13,000 CISSPs globally, including 70 in New Zealand.
McKenzie says the CISM is geared towards information security specialists who are business-oriented and focused on information risk management. The qualification addresses management, design, technical and security issues at a conceptual level.
The CISA is aimed at information systems auditors, looking at information systems control across a wider spectrum and all information control issues rather than just security.
The CISSP examination focuses on security issues such as access control, cryptography, business continuity and disaster recovery planning, physical security and security management practices, he says.
Information on the qualifications can be found on the ISACA website.