CISO Executive Membership Criteria
CISO Forum Membership Criteria: The CISO Executive Forum is a peer-to-peer event. The unique strength of this event is that members can feel free to share concerns, successes, and feedback in a peer-only environment.
Membership is subject to approval. Membership criteria below will act as a guideline for approval.
- CISO membership applicants should be executive/senior-level information security professionals reporting directly to the CEO, CFO, CIO, or the equivalent. In companies with more than 200 employees, CISO Executive membership is open to qualified, executive direct reports of the organization’s CISO. Individuals should be responsible for information security at the corporate or enterprise level within their organizations, be interested in discussing sensitive security issues with their peers, and be willing to share professional experiences.
CISO Members employed by a company that sells security services or products must meet the following additional requirements:
- The organization must have a clear separation between the internal security or research practitioner and those involved in sales, marketing or product management.
- The organization must have a minimum of 200 employees or a minimum of 2 direct reports to the CISO member.
- The member must certify that he or she is not involved with the sales, marketing or product management of security products or offerings.
- Each new member will be asked to complete an application stating their company size, number of direct reports, and industry sector, to determine the significance of their security portfolio. In addition, members will agree that they have read and qualify for CISO Membership. Any false statement on the application will be subject to review by the ISSA Ethics Committee and could result in cancellation of membership.
- Any sales activity within the CISO Forum, by non-sponsors, is expressly forbidden and grounds for cancellation of membership.
- Emeritus membership will be available and approved on an individual basis by the Advisory Council.
- If a CISO member should be unable to attend a Forum after submitting an RSVP, substitution of staff will be permitted. This substitute will be subject to the above criteria, but may be the direct report of the qualified member.
- Members may invite peers and direct reports within their organization as guests to the CISO Executive Forums. Guests will be asked to submit the same completed non-disclosure agreement and certify that they are not involved in the sales and marketing of security offerings. CISO members’ guests will be invited on a space-available basis, and subject to approval.
An example of a CISO Guest might be a divisional security executive (direct report), CIO, CFO or other internal constituent whom the CISO Member may wish to involve in the Forum. At this time there will be no charge for a CISO Guest to participate in the Forum, though ISSA will not provide rooming for these guests. A maximum of two guests will be allowed per event, per member.
The ISSA reserves the right to accept or reject any applicants based on their qualifications (see above) and the current capacity of the CISO Executive membership. The ISSA may revoke the membership status of any participant if required, to maintain the integrity of the program. The ISSA does not discriminate on the basis of race, color, creed, national origin, ancestry, sex, marital status, disability, religious or political affiliation, age, or sexual orientation.
Code of Ethics
As an ISSA member, guest and/or applicant for membership, I have in the past and will in the future:
- Perform all professional activities and duties in accordance with all applicable laws and the highest ethical principles;
- Promote generally accepted information security current best practices and standards;
- Maintain appropriate confidentiality of proprietary or otherwise sensitive information encountered in the course of professional activities;
- Discharge professional responsibilities with diligence and honesty;
- Refrain from any activities which might constitute a conflict of interest or otherwise damage the reputation of or is detrimental to employers, the information security profession, or the Association; and
- Not intentionally injure or impugn the professional reputation or practice of colleagues, clients, or employers.