About HISP
The Holistic Information Security Practitioner (HISP) Framework facilitates a migration beyond the traditional perspective of IT Security toward the development of enterprise Information Security programs that provide efficient and effective information asset protection in the context of each individual organization’s requirements .
Organizations that adopt the Holistic Information Security Practitioner (HISP) Framework will have a demonstrated proficiency with international best practices and standards for Information Security, Audit, Governance, Compliance, and Risk Management via ISO 17799, ITIL, CobiT and COSO. This Holistic management approach to Information Security results in creation of a true Information Security program staffed by professionals who are able to balance technical and business skills. These programs and professionals can function effectively at the strategic, tactical, and operational level by tackling the challenge of Information Security as a business concern, which cannot be solved by technology alone, but which requires an integrated approach involving People, Processes and Technology. Enterprise Information Security Programs are built on a foundation of the International best practices of IS0 17799, mapped to recognized best practices and standards such as ITIL, CobiT and COSO along with any current or future regulatory and contractual compliance requirements affecting the organization.
The HISP Framework, Training, and Certification programs are not intended to replace existing certifications, standards, or guidelines such as CISSP, CISA, CISM, COSO, CobiT, or NIST, but to complement such training, certification programs, standards, or guidelines to create information security programs tailored to meet the unique security needs of any organization regardless of industry, geography, size, or business environment.
