Information Systems Security Engineering Professional (ISSEP)
1.1.1 Identify organizational security authority
1.1.2 Identify elements of a system security policy
1.1.3 Understand trust concepts and hierarchies
1.1.4 Determine boundaries governed by security policies
1.1.5 Specify complete mediation
1.1.6 Determine least common mechanism
1.1.7 Understand open design concepts
1.1.8 Analyze psychological acceptability/usability
1.1.9 Understand the importance of consistent measurement
1.2.1 Align security risk management with enterprise risk management
1.2.2 Integrate risk management throughout the lifecycle
1.3.1 Apply resilience methods to address threats
1.3.2 Understand concepts of layered security
1.3.3 Specify fail-safe defaults
1.3.4 Avoid single points of failure
1.4.1 Incorporate least privilege concepts
1.4.2 Understand economy of mechanism
1.4.3 Understand separation of privilege/duties concepts
1.4.4 Understand security best practices applicable to the context