The Institue of Information Security Professionals (IISP)         

The IISP is an independent not-for-profit body, whose principal objective is to advance the professionalism of the information security industry and become the voice of the profession. Formed in 2005 the Institute has a growing membership, drawn from a wide range of security disciplines. Thier mission is to:

  • be the authoritative body for information security professionals,
  • be a universally-accepted focal point for the profession,
  • act as an accreditation authority for the industry.

The core of our services is the IISP Skills Framework, which is the only industry-accepted framework for measuring the practical and hands on experience of security professionals. Within the UK, the IISP Skills Framework has become the standard for assessing security professionalism across both central and local government, and has recently been adopted by the UK Government through the CESG Certified Professional Scheme (CCP).

Their activities are shaped by their members, who make up the Board and various steering groups. Programmes are developed and delivered by members who volunteer their time and provide a perfect opportunity for individuals and organisations to play an active role in shaping and developing the future of the profession.


Raising the standards of professionalism

To achieve this goal, the Institute runs a number of programmes working with:

  • Individuals to help their career development through professional accreditation and membership programmes.
  • Employers to enable them to develop security capability within their organisation through the Corporate Development Framework.
  • Government by certifying Information security professionals working within the public sector through CESG Certified Professional scheme.
  • Academia by forging links between the industry and academia to help shape the security professional of tomorrow.
  • Training organisations through the accreditation of training programmes to help security professionals develop their expertise. 
  • Professional bodies by forging links and partnerships with other relevant bodies.


  • Professional accreditation
  • Events and membership programmes
  • Development programmes for those aiming for Associate membership
  • Assisting our Corporate members in growing their information security staff
  • Academic partnership programmes
  • Accreditation of training courses

Find out more about ways you can contribute and be part of building information security as a fully recognised profession.