Qualified experience for Certified ISO 27001 CICA™ certification

Certified ISO 27001 CICA is a mid-level certification for cyber security professionals with at least two years of qualified experience. This certification maps to and fulfills all ISO/IEC 27001 competence requirements. General characterization for eligible experience:

  • Developing an ISMS program
  • Project managing a successful ISO 27001 internal controls implementation
  • Core ISO 27001 and 27002 best practices relating to:
    • InfoSec policy and scope
    • Risk assessment and Statement of Applicability
    • External party controls
    • Asset management
    • Human Resources security
    • Physical and environmental security
    • Equipment security
    • Communications and operations management
    • Malicious software controls
    • Network security management and media handling
    • Monitoring of InfoSec and incident management
    • Business continuity management
    • Compliance Exchange of information
    • Electronic commerce, e-mail and internet security
    • General, network, operating system, and application access control
    • Systems acquisition, development and maintenance
    • Cryptographic controls
    • Development and support process security
    • Monitoring of cyber security and incident management
    • Business continuity management
    • Compliance
    • Operations audit