(ISC)² Community Guidelines
Welcome to the (ISC)² Community!
Our online Community is a place for cybersecurity professionals – including (ISC)² members, non-members, certification candidates and others – to connect, collaborate and share knowledge and best practices related to the very broad topic of security. This encompasses discussions around new technologies, best practices, new regulations, professional development, the challenges and opportunities facing the cybersecurity workforce, ways to make the most of your (ISC)2 certification and membership, and much more. We would like to keep this Community a place for appropriate cybersecurity topics and encourage all off-topic discussions to be held elsewhere.
We want you to enjoy and find value in your experience as an engaged Community member. Please respect the guidelines and usage policies. The guidelines below, as well as the (ISC)² Code of Ethics, are your guide for determining what is appropriate to post or comment on the Community. The Community is intended to be a forum for peer engagement, positive discussion and constructive advice. We expect all users to maintain a tone of professionalism in all Community interactions.
This Community is supported by (ISC)2 Administrators and Moderators, who are clearly identified within the Community. The guidelines below were developed to ensure the Community serves the purpose outlined above and creates a professional, safe and rewarding experience for all participants. (ISC)² reserves the right to edit or remove any content in violation of these guidelines. Community users who violate these guidelines may also be subject to further action up to and including a permanent ban from the Community. At the sole discretion of (ISC)² staff, users in violation may receive warnings prior to a permanent ban, but clear, blatant violations may be removed immediately, and any offending users banned.
- Open Forum
- One of the primary purposes of this Community is to raise awareness for cybersecurity issues and the profession. As such, this is an open forum. Post on the community knowing that what you share is viewable by the public and search engines. Only a limited number of closed groups are private and not visible to all users, including non-registered Community members.
- Only registered Community users can post messages. Create your Community account.
- Community users often share personal experiences and might offer peer-to-peer support. Keep in mind, that these are personal opinions and do not necessarily represent the position of (ISC)². Questions requiring a formal answer should be directed to (ISC)² staff. When answering questions regarding (ISC)² policies or procedures, it is best to link to the appropriate (ISC)² policy page and not try to summarize or paraphrase (ISC)² policies as it can risk misunderstandings. It is fair to share your experiences and offer sources of support (such as emailing firstname.lastname@example.org or flagging a Community manager), but (ISC)2 staff are aware of the latest policies, procedures and systems status, and are best equipped to officially and accurately address questions on the Community.
- Our Community Champions are here to encourage current and future members and to share their extensive expertise in information security to help facilitate discussions. We appreciate the support they volunteer to help the Community, but please respect their time and direct member and candidate support questions to (ISC)2 staff.
- The Community is a forum for honest, constructive discussion about the (ISC)2 association, including governance, processes, policies and systems. Be mindful that (ISC)2 members are the heart of the association. Everything (ISC)2 members post on this forum is an extension of the association. Help your association grow and thrive by being a welcoming and helpful place for members, certification candidates and interested parties looking for solutions to today’s security challenges.
- As an open forum, community users respond to questions/posts with advice on topics. While we will attempt to correct any misunderstandings or outdated advice, (ISC)² is not responsible for inaccurate information posted. Regarding questions about (ISC)2 policy and practices, we recommend users refer directly to the policies and procedures page.
- Protect Privacy
- Don’t share any information about yourself or your organization you do not want made public. Do not share personal information. Personal information includes your home address, full name, (ISC)² member/ID number, credit card numbers, social security numbers, email address, etc. In addition, do not request the personal information of other users. Keep in mind, as with any online forum, that even the Community’s Private Message function is no guarantee of privacy of your online exchanges.
- If you have any issues with your (ISC)2 account, contact Member Services with your specific issue, account number and contact information at email@example.com or visit www.isc2.org/contact-us for additional resources.
- In the course of your interactions with (ISC)2, you may come in contact with staff members through various communications channels. Do not publicly share the email addresses, phone numbers or other information about (ISC)2 staff other than their user profiles on the Community. When addressing association issues, do not identify specific staff members you feel may be responsible. Please escalate issues through appropriate channels and through Community managers.
- (ISC)2 reserves the right to promote posts and conversations in public discussion boards within the Community on other channels such as Twitter, LinkedIn, Facebook and its magazine InfoSecurity Professional to help encourage more diverse input and awareness about topics.
- Notification emails (such as responses or kudos to your post) will be sent from firstname.lastname@example.org.
- Honestly Represent Yourself
- Have fun with your username and avatar; however, remember this is a professional forum
- Do not purposely misrepresent yourself
- Do not impersonate other people, including (ISC)² staff
- Do not use copyright-protected photos for your avatar
- Be Respectful
- Respect others’ time and attention with well-thought-out questions and discussion by keeping your tone positive and maintaining constructive criticism. Personal attacks or criticism of another’s abilities will not be tolerated. Insults, swear words, vulgar language, legal threats, controversial political statements, discriminatory remarks, ridicule, and/or illegal content is not allowed.
- Attempting to deliberately circumvent moderation tools and content filters in place to prevent inappropriate content is counter-productive and disrespectful of an administrator’s time. It will not be tolerated. Redacting or obfuscating offensive words when discussing threats and tactics used by threat actors is an appropriate way to address these valuable topics and information sharing.
- Be Relevant
- Keep discussions relevant to our Community’s mission and specific topic areas. Search to see if your question has already been posted to avoid duplication. If you are unsure if a topic is relevant to the Community, please do not hesitate to ask one of the Community team members at email@example.com. Do not reply with off-topic comments; instead, create a new post and link to the original if needed. Don’t post the same message in multiple areas.
- External links (including those in a signature) should only be posted when related to the content in the thread and not link to irrelevant or off-topic content
- Professional signatures including your name, certifications and link to your Acclaim badge or a reputable professional network like LinkedIn are permissible
- Be Lawful
- Do not any violate any laws or break any contractual agreements you have made (copyright, trade secret, nondisclosure agreements or others)
- Adhere to (ISC)² Exam Confidentiality
- Discussing (ISC)² examination items, answers and responses with other individuals is a violation of the (ISC)² Examination Non-Disclosure Agreement that is signed prior to taking an (ISC)² examination. Any posts related to this will be removed, and users found to be in violation may face penalties.
- General discussions about exams that do not share specific exam items are permissible. We encourage Community members to help candidates prepare themselves for success and share their own experiences without disclosing any information that could compromise the integrity of the exam process.
- Be Responsible With Vulnerability Disclosures
- This Community is not to be used as a forum for public disclosure of vulnerabilities. Ethical disclosure is important; however, this Community is not the appropriate place for original disclosures. Appropriate locations include places like bugcrowd.
- It is appropriate to discuss publicly disclosed vulnerabilities and how security professionals should respond.
- Promote Ideas, Not Products
- Solicitation or advertisement of goods or services in posts, links, private messages, or any other means of communication is prohibited, and Community users who violate these guidelines may also be subject to further action, including a permanent ban from the Community.
- Be Concise
- Lengthy posts can be intimidating on a forum and might discourage people from reading. Summarize your thoughts or question into a short paragraph with a few points to start a discussion within the Community. When reposting information from a blog, contributed article, or other information, provide a brief overview and include a link to the original source. We require compliance with “fair use” when reposting.
- Be Vigilant.
- Flag inappropriate content if you notice anything that violates these guidelines. To flag, use the menu at the top right of a post and select “Report Inappropriate Content.” It will be reviewed by a Community team member. In addition to flagging content that is vulgar, hateful and/or off-topic, this extends to non-helpful, ridicule and baseless jokes as well. This Community is intended to be a tool for cybersecurity professionals to work together to solve problems. When in doubt, refer to our Code of Ethics Canons:
- Protect society, the common good, necessary public trust and confidence, and the infrastructure
- Act honorably, honestly, justly, responsibly, and legally
- Provide diligent and competent service to principals
- Advance and protect the profession
- Escalate Issues Responsibly
- Alert the (ISC)2 Community managers to any issues you are experiencing or send an email to firstname.lastname@example.org.
- Members and certification candidates seeking assistance should contact email@example.com for assistance.
Enforcement of Guidelines
- By using the (ISC)² Community, you agree to the above stated guidelines, as well as the Website Access Policy for the (ISC)² Community. Content that violates the Website Access Policy or the Community Guidelines will be removed or edited. Users violating Community Guidelines will be warned. If users continue to violate guidelines, they will face a temporary, 30-day ban. If violations persist after reinstatement, users will be banned permanently. Hate speech, personal attacks and spam posts will not be tolerated, and may result in the permanent ban of the user immediately and without formal notice.
(ISC)² employees will be properly marked by a lime green icon containing the word “(ISC)²". These are members of the Community who will share their knowledge and expertise on (ISC)² products and services.
By using our Community, you agree to these rules, as well as the Website Access Policy for the (ISC)² Community. Content that violates the Website Access Policy or these rules will be removed, and violators may be banned from using our Community.
If you have any questions about the Community or are unsure about any of these guidelines, please feel free to reach out to anyone with the ADMIN (Administrator) tag next to their username, or email firstname.lastname@example.org.
UPDATED: October 2020
These guidelines and policies are subject to change at the discretion of (ISC)2.
(ISC)² Community Manager