5/15/2002 -- Beginning June 1, the International Information Systems Security Certification Consortium (ISC2) will require everyone who passes its Certified Information Systems Security Professional (CISSP) exam to submit an endorsement from an employer or certified colleague verifying the candidate's experience in the field.

ISC2 said it implemented the new policy to "...Differentiate the CISSP from other information security certifications by ensuring the experience requirement is upheld," ISC2 said.

The CISSP is a high-level security certification that requires candidates to have three years of "direct, full-time security" experience.

The recommendation is required. "After the examination has been scored and receives a passing grade, a notification letter is sent advising the candidate of his/her status," ISC2 states on its Web site. "The candidate has 90 days from the date of the letter to submit an endorsement form. If the endorsement form is not received before the 90-day period expires, the application will be voided and the candidate must resubmit to the entire process."

ISC2 also announced that it will also begin auditing new candidates:"A percentage of the candidates who pass the examination and submit endorsements will be randomly subjected to audit and will be required to submit a resume for formal review and investigation."

To read the official announcement regarding the above changes, click here. For more about ISC2's CISSP certification, click here. - B.N.