New Federal IT security certification program

A new certification program specifically designed and tailored to help secure the nation’s Federal information technology systems was unveiled today.

The certification program – called the Federal IT Security Professional (FITSP) – was introduced amid growing concern about the security of Federal IT systems. The FITSP certification is managed by the Federal IT Security Institute (FITSI), a nonprofit organization. FITSI is made up of highly experienced IT security professionals with substantial experience in the Federal government sector.

“The goal of the FITSP is to make Federal IT systems more secure by assuring that Federal civilian, military and/or contractor staff who manage and operate them understand and can apply the appropriate Federal IT security standards,” said Jim Wiggins, FITSI’s executive director. “There are a number of high-quality certifications in the IT security space but until today, none of them were specifically tailored to address the unique security environment mandated for Federal IT systems. The FITSP certification provides a framework within which the holders of other IT security certifications must be able to extend their training and experience to specialize in the Federal IT security space.”

“The FITSP certification program is role based and documents the qualifications and specialized Federal IT security understanding of managers, designers, operators and auditors of federal IT systems,” Mr. Wiggins said. By earning the FITSP certification credential, candidates will have demonstrated an in-depth knowledge of Federal IT security management, operational and technical control requirements as measured by the standards and guidelines of the National Institute of Standards and Technology (NIST), as well as other relevant Federal statutes and regulations.

Candidates for the certification program are required to have at least five years of information security experience. The program consists of a three-hour examination, primarily based on NIST content areas, and is good for three years.