Information Systems Security Association

Information Systems Security Association
Type	501(c)(6)
Tax ID no.	32-0378586
Headquarters	Woburn, MA
Website	www.issa.org

Last updated October 30, 2024

Information Systems Security Association (ISSA) is a not-for-profit, international professional organization of information security professionals and practitioners. It was founded in 1984 after work on its establishment started in 1982.^[2] ISSA promotes the sharing of information security management practices through educational forums, publications and networking opportunities among security professionals.

The association publishes the ISSA Journal,^[4] a peer-reviewed publication on the issues and trends of the industry. It also partners with ESG (Enterprise Strategy Group) to release a yearly research report, "The Life and Times of the Cyber Security Professional", to examine the experiences of cybersecurity professionals as they navigate the modern threat landscape and the effects it has on their careers.^[5]

Organization

Information Systems Security Association has a board of directors that is elected annually by its members and a set of committees that are appointed. The headquarters of ISSA is located in Houston, Texas.

ISSA International Board of Directors Executive Officers

President: Jimmy Sanders

Vice President: Deb Peinert, CISSP-ISSMP

Secretary/Director of Operations: Lee Neely

Treasurer/Chief Financial Officer: David Vaughn

Membership

ISSA has an international membership base.

Goals

The primary goal of the ISSA is to promote management practices that will ensure the confidentiality, integrity and availability of information resources. The ISSA facilitates interaction and education to create a more successful environment for global information systems security and for the professionals involved. ISSA's goals are to promote security education and skills development, encourage free information exchanges, communicate current events within the security industry and help express the importance of security controls to enterprise business management.^[6]^[7]

Code of ethics

As an applicant for membership, the individual is expected to be bounded to a principle of ethics related to the Information Security career.^[8]^[9]

Applicants for ISSA membership attest that they have and will:

Perform all professional activities and duties in accordance with all applicable laws and the highest ethical principles;
Promote generally accepted information security current best practices and standards;
Maintain appropriate confidentiality of proprietary or otherwise sensitive information encountered in the course of professional activities;
Discharge professional responsibilities with diligence and honesty;
Refrain from any activities which might constitute a conflict of interest or otherwise damage the reputation of employers, the information security profession, or the Association; and
Not intentionally injure or impugn the professional reputation or practice of colleagues, clients, or employers.^[10]

International presence

ISSA is present in more than one hundred countries, including Europe and Asia, with more than 10,000 members.

Related Research Articles

Information security is the practice of protecting information by mitigating information risks. It is part of information risk management. It typically involves preventing or reducing the probability of unauthorized or inappropriate access to data or the unlawful use, disclosure, disruption, deletion, corruption, modification, inspection, recording, or devaluation of information. It also involves actions intended to reduce the adverse impacts of such incidents. Protected information may take any form, e.g., electronic or physical, tangible, or intangible. Information security's primary focus is the balanced protection of data confidentiality, integrity, and availability while maintaining a focus on efficient policy implementation, all without hampering organization productivity. This is largely achieved through a structured risk management process.

Trade unions in Malaysia are regulated by the Trade Unions Act of 1959 and the Industrial Relations Act of 1967.

The Chartered Institute of Management Accountants (CIMA) is the global professional management accounting body, based in the United Kingdom. CIMA offers training and qualification in management accountancy and related subjects. It is focused on accountants working in industry and provides ongoing support and training for members.

ISACA is an international professional association focused on IT governance. On its IRS filings, it is known as the Information Systems Audit and Control Association, although ISACA now goes by its acronym only. ISACA currently offers 8 certification programs, as well as other micro-certificates.

Information security standards are techniques generally outlined in published materials that attempt to protect a user's or organization's cyber environment. This environment includes users themselves, networks, devices, all software, processes, information in storage or transit, applications, services, and systems that can be connected directly or indirectly to networks.

The International Association of Privacy Professionals (IAPP) is a nonprofit, non-advocacy membership association founded in 2000. It provides a forum for privacy professionals to share best practices, track trends, advance privacy management issues, standardize the designations for privacy professionals, and to provide education and guidance on career opportunities in the field of information privacy. The IAPP offers a full suite of educational and professional development services, including privacy training, certification programs, publications and annual conferences. It is headquartered in Portsmouth, New Hampshire.

The Information Security Forum (ISF) is an independent information security body.

The Australian Computer Society (ACS) is an association for information and communications technology professionals with 40,000+ members Australia-wide. According to its Constitution, its objectives are "to advance professional excellence in information technology" and "to promote the development of Australian information and communications technology resources".

Armed Forces Communications & Electronics Association International (AFCEA), established in 1946, is a nonprofit membership association serving the military, government, industry, and academia as a forum for advancing professional knowledge and relationships in the fields of communications, information technology, intelligence and global security. AFCEA provides a forum for military, government, academic and industry communities with altogether more than 30,000 members. AFCEA supports local chapters, sponsors events, publishes a magazine, promotes STEM education and provides member benefits.

The ISO/IEC 27000 family comprises information security standards published jointly by the International Organization for Standardization (ISO) and the International Electrotechnical Commission (IEC).

Security convergence refers to the convergence of two historically distinct security functions – physical security and information security – within enterprises; both are integral parts of a coherent risk management program. Security convergence is motivated by the recognition that corporate assets are increasingly information-based. In the past, physical assets demanded the bulk of protection efforts, whereas information assets are demanding increasing attention. Although generally used in relation to cyber-physical convergence, security convergence can also refer to the convergence of security with related risk and resilience disciplines, including business continuity planning and emergency management. Security convergence is often referred to as 'converged security'.

The Chartered Institute of Personnel and Development (CIPD) is an association for human resource management professionals. Its headquarters are in Wimbledon, London, England. The organisation was founded in 1913—it is the world's oldest association in its field and has over 160,000 members internationally working across private, public and voluntary sectors. Peter Cheese was announced in June 2012 as CIPD's new CEO from July 2012.

Security information and event management (SIEM) is a field within computer security that combines security information management (SIM) and security event management (SEM) to enable real-time analysis of security alerts generated by applications and network hardware. SIEM systems are central to the operation of security operations centers (SOCs), where they are employed to detect, investigate, and respond to security incidents. SIEM technology collects and aggregates data from various systems, allowing organizations to meet compliance requirements while safeguarding against threats.

Environmental, social, and governance (ESG) is shorthand for an investing principle that prioritizes environmental issues, social issues, and corporate governance. Investing with ESG considerations is sometimes referred to as responsible investing or, in more proactive cases, impact investing.

The Computing Technology Industry Association, more commonly known as CompTIA, is an American non-profit trade association that issues professional certifications for the information technology (IT) industry. It is considered one of the IT industry's top trade associations.

The Security Industry Association (SIA), based in Silver Spring, Maryland, is a U.S. trade association, founded in 1969, representing global security solutions providers. The organization today represents nearly 1,400 firms and organizations in the security industry, and in 2017 the association expanded membership to include an academic category. Longtime CEO R. Walden Chace resigned under pressure in 2010 due to excessive spending and collaborations with Reed Exhibitions.

The International Information System Security Certification Consortium, or ISC2, is a non-profit organization which specializes in training and certifications for cybersecurity professionals. It has been described as the "world's largest IT security organization". The most widely known certification offered by ISC2 is the Certified Information Systems Security Professional (CISSP) certification.

mychillo

The United Kingdom has a diverse cyber security community, interconnected in a complex network.

The NIST Cybersecurity Framework (CSF) is a set of voluntary guidelines designed to help organizations assess and improve their ability to prevent, detect, and respond to cybersecurity risks. Developed by the U.S. National Institute of Standards and Technology (NIST), the framework was initially published in 2014 for critical infrastructure sectors but has since been widely adopted across various industries, including government and private enterprises globally. The framework integrates existing standards, guidelines, and best practices to provide a structured approach to cybersecurity risk management.

References

↑ "Charity Navigator - Unrated Profile for INFORMATION SYSTEMS SECURITY ASSOCIATION". Charity Navigator. Retrieved 14 February 2019.
↑ "Sandra Lambert chats with Selena Templeton about founding ISSA in the early '80s" . Retrieved 14 February 2019– via soundcloud.com.
↑ "ISSA International Award Winners". ISSA. Information Systems Security Association. Retrieved 23 December 2020.
↑ "Information Systems Security Association Journal". www.issa.org. Retrieved 23 December 2020.
↑ Group, Enterprise Strategy (31 July 2020). "ESG Research - The Life and Times of Cybersecurity Professionals". www.esg-global.com. Retrieved 23 December 2020.{{cite web}}: |last= has generic name (help)
↑ "About ISSA". ISSA. Information Systems Security Association. Retrieved 23 December 2020.
↑ Kovacich, Gerald L. (19 August 2003). The Information Systems Security Officer's Guide: Establishing and Managing an Information Protection Program . Butterworth-Heinemann. p. 311 . Retrieved 14 February 2019– via Internet Archive. Information Systems Security Association -wikipedia.
↑ "ISSA Code of Ethics". ISSA. Retrieved 23 December 2020.
↑ "What is ISSA (Information Systems Security Association)? - Definition from WhatIs.com". SearchSecurity. Retrieved 14 February 2019.
↑ "ISSA Code of Ethics" . Retrieved 2020-12-23.

This page is based on this Wikipedia article
Text is available under the CC BY-SA 4.0 license; additional terms may apply.
Images, videos and audio are available under their respective licenses.

[1] "Charity Navigator - Unrated Profile for INFORMATION SYSTEMS SECURITY ASSOCIATION". Charity Navigator. Retrieved 14 February 2019.

[2] "Sandra Lambert chats with Selena Templeton about founding ISSA in the early '80s" . Retrieved 14 February 2019– via soundcloud.com.

[3] "ISSA International Award Winners". ISSA. Information Systems Security Association. Retrieved 23 December 2020.

[4] "Information Systems Security Association Journal". www.issa.org. Retrieved 23 December 2020.

[5] Group, Enterprise Strategy (31 July 2020). "ESG Research - The Life and Times of Cybersecurity Professionals". www.esg-global.com. Retrieved 23 December 2020.{{cite web}}: |last= has generic name (help)

[ISSA-about-6] "About ISSA". ISSA. Information Systems Security Association. Retrieved 23 December 2020.

[7] Kovacich, Gerald L. (19 August 2003). The Information Systems Security Officer's Guide: Establishing and Managing an Information Protection Program . Butterworth-Heinemann. p. 311 . Retrieved 14 February 2019– via Internet Archive. Information Systems Security Association -wikipedia.

[8] "ISSA Code of Ethics". ISSA. Retrieved 23 December 2020.

[9] "What is ISSA (Information Systems Security Association)? - Definition from WhatIs.com". SearchSecurity. Retrieved 14 February 2019.

[10] "ISSA Code of Ethics" . Retrieved 2020-12-23.

[1]

[2]

[3]

[4]

[5]

[6]

[7]

[8]

[9]

[10]