Thursday, December 6

SANS proctorization part two

I just talked to someone from SANS.  Appparently the reason for the change is because GIAC has be ANSI certified.

Why you ask?

DOD Directive 8570.

DoD Directive 8570.1 was approved in December 2005 and requires DoD IA workers to obtain a commercial certification accredited under ISO/IEC standard 17024. ISACA's Certified Information Systems Auditor (CISA) and Certified Information Security Manager (CISM) certifications, accredited by the American National Standards Institute (ANSI), are among only 13 certifications approved by the DoD.

Apparently SANS has to meet this mark by the end of 2007.

I still don't agree with it.  It sounds like SANS is really making it difficult for the folks.  

In the interest of full disclosure though, I did get my cert while I was .mil.  However, now I am not.  It still sucks.


foo said...

No, no

ISO/IEC 17024 is a good thing. It is standard for how professionals (of all kinds) are certiffied. Worth a read. The whole ISO 17000 family deals with certification.

The idea is that there are minimum requirements for how people should be certified.

But, hey. Today, I have my special Proof of Being a Good Person certificate for sale at only $5,000. Want to buy one?

Joel Esler said...

I don't disagree that certifications are good. I just think it sucks that now I have to go somewhere to take the test.

And no more Google!

Anonymous said...

Joel - from the FAQ:
"GIAC Advisory Board members are eligible to serve as proctors. It is possible that there could be a GIAC Advisory Board member in your area that can serve as a proctor; email for more information about this option."

Maybe this will help us out ;)

Anonymous said...

Well you can forget taking Sans Proctored exams at Compusa now.