Worldwide there is a lack of well-educated and experienced information security specialists. The first step to
address this issue is arranging enough people with a well-known and acceptable basic level of information
security competences. However, there might be a lot of information security education and training, but
there is anything but a well-defined outflow level with a known and acceptable basic level of information
security competences. There exists a chaotic situation in respect of the qualification of information security
professionals, with the emergence of a large number of difficult to compare certificates and job titles.
Apparently the information security field requires uniform qualifications that are internationally recognized.
Such qualifications could be an excellent way of unambiguously clarifying the knowledge and skills of
information security professionals. Furthermore it gives educational institutions a framework which
facilitates the development of appropriate information security education and training.