Saturday Jan 20
It’s (ISC)2 Election Time: Let’s make CISSP great again, or #notmycissp
Updated on Monday, 14 November 2016 10:08

Friends, the memes have started. “Let’s make CISSP great again” is peppering my thread along with snarky hashtags such as #notmycissp. I admit, I love the humour and fun and the little bit of tongue-in-cheek poking and harassing that comes along with the annual (ISC)2 elections. In fact, I fully expect to hear reports that Harambe had a successful petition. I want to share a few important fundamental thoughts on the Board, and the elections.

Each year for the past several years I’ve climbed the mountain tops and rooftops and, in my best and most boisterous cheerleader voice, I’ve made the call to vote and urged everyone to do a little research and a lot of voting.

Well, this year I’m back on the ballot. More on that in a moment. First I want to tell you why voting is important, what your participation affects, and then in a separate post I’ll talk about me and my goals as a candidate.

Serving these last few years, I’ve had some personal goals in my head — goals related to number of members voting and other engagement. This year is no different, and even if you’re not voting for me, I urge you to vote and help move this needle!

Let’s take a stroll down the important fundamental elements. What you’re about to read are my words and my opinions only and do not in any way represent the opinions of other Board member or anyone affiliated with (ISC)2.

isc2-election-2016What board members do
Corporate Governance- Board members determine policies, develop procedures, and provide strategic direction for the organization. This is taken right off the (ISC)2 website. Note that said “provide strategic direction”, that’s important for a later discussion.

What board members *don’t* do

Board members do not participate in the daily operations or even daily oversight of management. The Board does not tell the organization’s management team how to do their job, nor does it advise on tactical items. The Board has one employee, and one employee only, and that’s the CEO of (ISC)2. The CEO then executes the strategy as directed by the Board. The Board does not have any oversight of the Advisory Committees, Chapters, or any partnerships by the organization.

You and the organization want Board members who have:

  • Leadership experience
  • Proven record directing strategic program in an enterprise
  • Experience in managing companies, departments, business units, finances, and/or teams
  • Earned respect and trust of peers
  • Advanced the field of information security
  • The ability to listen, analyze, think clearly and creatively
  • A sense of honesty, sensitivity, and tolerance of differing views
  • A even stronger sense of humour

Commitments from Board members

In the past few years, we’ve seen a lot of people talk a good game, and then fail to produce. Hell, honestly some of them have been my friends, and for brief flickers of time I have fallen victim to the hurricane of life and the inevitable failure that accompanies juggling 60+ hours of work along with 20+ hours of volunteer for weeks on end. As you vote, look for people who have the willingness to roll up their sleeves and get dirty in order to get things done. Look for people who will ask questions, take responsibility and follow through on tasks. And for the love of S’mores (it’s the only way I’ll eat marshmallows), please make sure who you vote for has competency in at least some business/department/people management and can participate in those conversations and read a financial statement.
TL:DR? My thoughts in 3 bullets.

  1. Please vote, and make it count
  2. Know what the Board does (and doesn’t do)
  3. Research and vote for candidates that will help drive strategy

Those are my thoughts for today. Below are some additional ‘official’ resources.

  • Official Election Forum on LinkedIn
  • Board Election Slate 2016
  • Board FAQs
  • Board Election Process