Profile From the Front Line - Craig W.
I have been involved with SANS since the late 90s and was involved in the creation of the Windows NT 4.0 step-by-step guide. My work as an auditor and trainer specialising in information security has me accessing the SANS/GIAC Reading Room on a weekly if not daily basis.
I have completed a fair number of audit and IT security certifications in the past, but SANS since certainly makes theirs a challenge. Having been involved with BS7799 since the mid-90s, I knew a fair bit about ISO 17799. SANS made me realise how much more I needed to learn and gave me both the means and reason to find out more.
Most of my experience with ISO 17799 was focused on the Australian market. SANS introduced me to a wide range of information needed for ISO 17799 internationally. Working in an audit firm, this has been invaluable.
The GIAC certification process impressed me. The open peer reviewed practical paper coupled with an online examination produces a very effective testing regime. In particular, the addition of a practical paper makes the existence of paper only GIAC certifications impossible.
The training and certification process used by SANS was which I thoroughly enjoyed, and I look forward to completing more of their certifications in the near future.