IT Career JumpStart

Oct 5 2009   1:14PM GMT

ANSI/ISO/IEC 17024 Accredited Certifications

Ed Tittel Ed Tittel Profile: Ed Tittel

I got an e-mail last week from Microsoft indicating that “Microsoft Certified IT Professional: Windows Server 2008 Server Administrator and Microsoft Certified IT Professional: Windows Server 2008 Enterprise Administrator certifications are the first two Microsoft product-specific IT certifications to receive the ANSI accreditation” for personnel certifications. Having been dimly aware of this program for some time I decided to dig in and find out who else offers IT certifications that meet these international standards for certification program acceditation.

See ANSI Accreditation Services for more info on the overall program. To understand the benefits see “Why Seek Accreditation?” A complete list of accredited organizations is available on the”List of accredited certification bodies” page on the ANSI Website.

Here’s a partial rendering of the ANSI Accreditation Directory that includes only IT-related credentials (a total of 29 organizations appear in that list, which means that IT related entries comprise just under 25% of the total present):

While this isn’t exactly a “who’s who” of IT certification organizations, it isn’t exactly chopped liver, either. Cisco’s missing, but with Microsoft and CompTIA both now present, two of the three biggest overall programs are represented. I’m also fascinated by the heavy presence of information security programs in this line-up, including the entry-level CompTIA Security+, ASIS, GIAC, ISACA, and ISC-squared.

Somehow, this also makes Microsoft’s disclosure that it plans to seek ANSI accreditation next for its “Microsoft Certified Systems Administrator: Security Specialization” credential — despite its age and possible decrepitude — a lot easier to understand. I’m guessing there must be a requirement for ANSI/ISO/IEC accreditation for infosec certifications somewhere, in some government’s or other official body’s canon of requirements for infosec practitioners. And sure enough under US Government Recognition the Department of Defense appears under the heady “government agencies…closely associated with ANSI accreditation.” Obviously, information security plays into this association in some form or fashion.

I’ll report further on this phenomenon as I learn more. This is enough information to be intriquing, but not yet enough to be satisfying, so I’ll keep digging. Stay tuned.

2  Comments on this Post

There was an error processing your information. Please try again later.
Thanks. We'll let you know when a new response is added.
Send me notifications when other members comment.
  • JimWiggins
    The reason for Infosec with DoD is because of DoD Directive 8570.1. To get on the approved list of certifications, they must meet the requirements of ISO 17024. CompTIA, ISACA, ISC2, and SANS have gone after this certification to get on the 8570.1.
    0 pointsBadges:
  • Ed Tittel
    Dear Jim: Thanks for the clarification and the reference to the specific ISO specification involved. In the meantime, I had learned the same thing but forgotten to update this post. Thanks for beating me to the punch with such good information. Looks like most of the major infosec cert players are getting on board: we'll probably hear more announcements in the next quarter or so. Thanks again, --Ed--
    10,580 pointsBadges:

Forgot Password

No problem! Submit your e-mail address below. We'll send you an e-mail containing your password.

Your password has been sent to:

Share this item with your network: