The requirements for certifications issued by the Information Security Leadership Forum are:
Information Security Program Management / ISO 27001
Certified ISO 27001 Foundation (CI27KF™)
| Credential | Exam | Professional experience | Project experience | Prerequisites |
| Certified ISO 27001 Foundation | ISLF Certified ISO 27001 Foundation exam or equivalent | None | None | Signing the ISLF Code of Ethics |
Certified Information Security Program Manager / ISO 27001 Lead Implementer (CISPM™)
| Credential | Exam | Professional experience | Project experience | Prerequisites |
| Certified Provisional Information Security Program Manager | ISLF Certified Information Security Program Manager exam or equivalent | None | None | Signing the ISLF Code of Ethics |
| Certified Information Security Associate Program Manager | ISLF Certified Information Security Program Manager exam or equivalent | Two years, with one year in Information Security Management | a minimum of 640 hours | Signing the ISLF Code of Ethics |
| Certified Information Security Program Manager | ISLF Certified Information Security Program Manager exam or equivalent | Five years, with two years in Information Security Management | a minimum of 2,000 hours | Signing the ISLF Code of Ethics |
Certified Information Security Program Compliance Manager / ISO 27001 Lead Auditor (CISPCM™)
| Credential | Exam | Professional experience | Compliance / Audit experience | Prerequisites |
| Certified Provisional Information Security Program Compliance Manager | ISLF Certified Information Security Program Manager exam or equivalent | None | None | Signing the ISLF Code of Ethics |
| Certified Information Security Associate Program Compliance Manager | ISLF Certified Information Security Program Manager exam or equivalent | Two years, with one year in Information Security Management | a minimum of 640 hours | Signing the ISLF Code of Ethics |
| Certified Information Security Program Compliance Manager | ISLF Certified Information Security Program Manager exam or equivalent | Five years, with two years in Information Security Management | a minimum of 2,000 hours | Signing the ISLF Code of Ethics |
Information Security Program Process Management
Certified Information Security Program Governance Manager (CISPGM™)
| Credential | Exam | Professional experience | Governance experience | Prerequisites |
| Certified Information Security Program Associate Governance Manager | ISLF Certified Information Security Program Governance Manager exam or equivalent | None | None | Signing the ISLF Code of Ethics |
| Certified Information Security Program Governance Manager | ISLF Certified Information Security Program Governance Manager exam or equivalent | Two years, with one year in Information Security Management | a minimum of 640 hours | Signing the ISLF Code of Ethics |
Certified Information Security Program Metrics Manager (CISPMM™)
| Credential | Exam | Professional experience | Metrics experience | Prerequisites |
| Certified Information Security Program Associate Metrics Manager | ISLF Certified Information Security Program Manager Metrics exam or equivalent | None | None | Signing the ISLF Code of Ethics |
| Certified Information Security Program Metrics Manager | ISLF Certified Information Security Program Manager Metrics exam or equivalent | Two years, with one year in Information Security Management | a minimum of 640 hours | Signing the ISLF Code of Ethics |
Certified Information Security Program Risk Manager (CISPRM™)
| Credential | Exam | Professional experience | Risk management experience | Prerequisites |
| Certified Provisional Information Security Program Risk Manager | ISLF Certified Information Security Program Risk Manager exam or equivalent | None | None | Signing the ISLF Code of Ethics |
| Certified Information Security Associate Program Risk Manager | ISLF Certified Information Security Program Risk Manager exam or equivalent | Two years, with one year in Information Security Management | a minimum of 640 hours | Signing the ISLF Code of Ethics |
| Certified Information Security Program Risk Manager | ISLF Certified Information Security Program Risk Manager exam or equivalent | Five years, with two years in Information Security Management | a minimum of 2,000 hours | Signing the ISLF Code of Ethics |
Certified Information Security Program Awareness & Training Manager (CISPATM™)
| Credential | Exam | Professional experience | Awareness & training experience | Prerequisites |
| Certified Information Security Program Provisional Awareness & Training Manager |
ISLF Certified Information Security Program Awareness & Training Manager exam or equivalent | None | None | Signing the ISLF Code of Ethics |
| Certified Information Security Program Associate Awareness & Training Manager | ISLF Certified Information Security Program Awareness & Training Manager exam or equivalent | Two years, with one year in Information Security Management | a minimum of 640 hours | Signing the ISLF Code of Ethics |
| Certified Information Security Program Awareness & Training Manager |
ISLF Certified Information Security Program Awareness & Training Manager exam or equivalent | Five years, with two years in Information Security Management | a minimum of 2,000 hours | Signing the ISLF Code of Ethics |
Certified Information Security Program Incident Manager (CISPIM™)
| Credential | Exam | Professional experience | Incident management experience | Prerequisites |
| Certified Provisional Information Security Program Associate Incident Manager | ISLF Certified Information Security Program Incident Manager exam or equivalent | None | None | Signing the ISLF Code of Ethics |
| Certified Information Security Program Incident Manager | ISLF Certified Information Security Program Incident Manager exam or equivalent | Two years, with one year in Information Security Management | a minimum of 640 hours | Signing the ISLF Code of Ethics |
Certified Information Security Program Threat and Vulnerability Manager (CISPTVM™)
| Credential | Exam | Professional experience | Threat and vulnerability management experience | Prerequisites |
| Certified Provisional Information Security Program Associate Threat & Vulnerability Manager | ISLF Certified Information Security Program Threat & Vulnerability Manager exam or equivalent | None | None | Signing the ISLF Code of Ethics |
| Certified Information Security Program Threat & Vulnerability Manager | ISLF Certified Information Security Program Threat & Vulnerability Manager exam or equivalent | Two years, with one year in Information Security Management | a minimum of 640 hours | Signing the ISLF Code of Ethics |
Data Privacy Program Management
Certified Data Privacy Foundation (CDPF™)
| Credential | Exam | Professional experience | Data privacy experience | Prerequisites |
| Certified Data Privacy Foundation | ISLF Data Privacy Foundation exam or equivalent | None | None | Signing the ISLF Code of Ethics |
Certified Data Privacy Officer (CDPO™)
| Credential | Exam | Professional experience | Data privacy experience | Prerequisites |
| Certified Associate Data Privacy Officer |
ISLF Certified Data Privacy Officer exam or equivalent | None | None | Signing the ISLF Code of Ethics |
| Certified Data Privacy Officer |
ISLF Certified Data Privacy Officer exam or equivalent | Two years, with one year in data privacy or information security management | a minimum of 640 hours | Signing the ISLF Code of Ethics |
Please be advised: you may apply to convert an existing equivalent certification from another recognized certification body to the Information Security Leadership Forum.