What is FITSP?

FITSP (Federal IT Security Professional) is an IT security certification program targeted at the Federal workforce (civilian personnel, military, and contractors). It is broken into four individual IT security certification programs based on role.

When a candidate pursues the FITSP certification, they select from four roles. Having four roles means there are four different exams, and a candidate can pursue one or all four roles to demonstrate competency in any of these areas. While the exams deal with the same domains, each role is tested on different publications, themes, and topical areas relevant to each job role.

Certification Roles

FITSP-Auditor - The auditor role is designed for candidates who review and audit the IT system. These are usually IT auditors that are found within the Inspector General community as well as public accounting companies. A candidate would earn a FITSP-Auditor (FITSP-A) credential in this area.

FITSP-Designer - The Designer role is designed for candidates who are tasked with designing and developing a system within an organization. These are usually system designers and developers, ISSEs, and other engineers. A candidate would earn a FITSP-Designer (FITSP-D) credential in this area.

FITSP-Manager - The Manager role is designed for candidates who act in an oversight capacity with regard to IT security. Candidates for this are usually CISOs, ISMs, IAMs, etc. A candidate would earn a FITSP-Manager (FITSP-M) credential in this area.

FITSP-Operator - The Operator role is designed for candidates who implement and operate an information system within an organization. These are usually the system and application administrators, system owners, ISSOs, DBAs, and other personnel who manage and maintain the system. A candidate would earn a FITSP-Operator (FITSP-O) credential in this area.