The journey towards formal certification makes it worthwhile. With each certification, I discover new blind spots and learn a great deal in the process.

Certified Information Systems Security Professional (CISSP)
The CISSP credential is ideal for mid- and senior-level managers who are working toward or have already attained positions as CSOs, CISOs or Senior Security Engineers. It provides information security professionals with not only an objective measure of competence but a globally recognized standard of achievement.

Certified in Risk and Information Systems Control (CRISC)
The CRISC designation certifies professionals who have knowledge and experience in identifying and evaluating risk and in designing, implementing, monitoring and maintaining risk-based, efficient and effective IS controls.

Certified Information Systems Auditor (CISA)
Since 1978, the Certified Information Systems Auditor (CISA) program has measured excellence in the area of IS auditing, control and security. CISA has grown to be globally recognized and adopted worldwide as a symbol of achievement. The CISA certification has been earned by more than 50,000 professionals since inception.

Certified Information Security Manager (CISM)
The CISM certification is specifically geared toward experienced information security professionals. CISM is business-oriented and focused on information risk management while addressing management, design and technical security issues at the conceptual level. It is for the individual who must maintain a view of the "big picture" by managing, designing, overseeing and assessing an enterprise's information security.

Certified Information Privacy Professional (CIPP)
The CIPP stresses the definitions, concepts and applications of U.S. and international privacy laws and information management practices as well as the privacy implications of emerging technologies. This includes HIPAA, COPPA, GLBA, APEC principles, OECD guidelines, EU Directive, employee records management, workplace monitoring, contingency planning, incident handling, PII, Web forms, cookie files, spyware, spam and other key items.

ITIL Foundation in IT Service Management v3 (ITILv3)
ITIL Foundation is suitable for individuals who require a basic understanding of the ITIL framework and how it may be used to enhance the quality of IT service management within an organization. The ITIL Foundation Certification also applies to IT professionals who work within an organization that has adopted ITIL and so need to be aware of and contribute to the overall service improvement programme.

NSA INFOSEC Assessment Methodology (IAM)
The IAM consists of a standard set of activities required to perform an on-site information security assessment. While not technically a certification, the IAM "sets the bar" for completing a comprehensive INFOSEC Assessment as defined by the IATRP. To qualify for an IAM certificate, students must: attend the two-day class; demonstrate an understanding of the IAM through group exercises and class discussions; obtain a passing grade on the IAM test; and meet the experience requirements (five years of information security and two years of analyzing security risks and vulnerabilities).

Design for Six Sigma Green Belt (DFSS/GB)
A Six Sigma Green Belt operates in support of or under the supervision of a Six Sigma Black Belt, analyzes and solves quality problems and is involved in quality improvement projects. A Green Belt is someone with at least three years of work experience who wants to demonstrate his or her knowledge of Six Sigma tools and processes.