Supporting user evaluation of IT security certification schemes

IT Security Certification is an increasingly important qualification for information technology (IT) professionals seeking employment in IT security. Yet currently there is a lack of rigorously developed approaches to support the evaluation and selection by key stakeholders of the most appropriate IT security certification scheme from among hundreds of vendor-neutral and vendor-specific schemes. This paper develops a framework based on categories, characteristics and criteria to support user evaluation and selection of an (IT) Security Certification scheme that satisfies user priorities and requirements. The paper illustrates the use of the framework to support an experienced IT Professional’s evaluation. Theoretical and practical implications of the framework and trial evaluation are discussed.