Qualified experience for Certified ISO 27001 CICA™ certification

Certified ISO 27001 CICA is a mid-level certification for cyber security professionals with at least two years of qualified experience. This certification maps to and fulfills all ISO/IEC 27001 competence requirements. General characterization for eligible experience:

• Developing an ISMS program
• Project managing a successful ISO 27001 internal controls implementation
• Core ISO 27001 and 27002 best practices relating to:
  • InfoSec policy and scope
  • Risk assessment and Statement of Applicability
  • External party controls
  • Asset management
  • Human Resources security
  • Physical and environmental security
  • Equipment security
  • Communications and operations management
  • Malicious software controls
  • Network security management and media handling
  • Monitoring of InfoSec and incident management
  • Business continuity management
  • Compliance Exchange of information
  • Electronic commerce, e-mail and internet security
  • General, network, operating system, and application access control
  • Systems acquisition, development and maintenance
  • Cryptographic controls
  • Development and support process security
  • Monitoring of cyber security and incident management
  • Business continuity management
  • Compliance
  • Operations audit