[Owasp-board] ISC2 proposal - next steps

Seba seba at owasp.org
Wed Oct 21 17:25:12 UTC 2009


Hi,
Sorry for delay - little work overload.

We discussed the ISC2 proposal within the last board meeting and came to the
following steps:

Have a framework with general set of criteria that allow 3rd parties to set
up OWASP based certifications.
Based on the criteria, organisations that want to do OWASP based
certifications have to get a yearly accreditation.

ISC2 - and other organisations - can then use this framework to start
certifications that are 'OWASP accredited'.
When certification bodies require payment for the certifications, we should
include OWASP membership of the certification body and for the individuals
that want to get certified.
Accreditation can be performed during the OWASP conferences where test
questions are evaluated.

Action: to set up framework, criteria and accreditation process: who takes
ownership within GEC?

For ISC2 this means:
1) Work on a detailed q&a based on the current proposal
https://docs.google.com/Doc?docid=0AYcY8G2SHaWKZDRuODc4NF8zM2d4NWg5dmRr&hl=en
2) share the ISC2 question with the rest of the OWASP leaders, together with
the framework & accreditation idea
3) organize a meeting with ISC2 (preferably in Washington around the
summit/conference) to discuss this (Mano: can you set this up?)

=> we should also discuss this thoroughly during the summit as part of the
GEC session

regards

Seba
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.owasp.org/pipermail/owasp-board/attachments/20091021/849ab03b/attachment-0002.html>


More information about the Owasp-board mailing list