PRESS RELEASE

VIENNA, Va., Aug. 24, 2009 " SCIPP International, a global non-profit organization dedicated to providing world-class security awareness certificate and certification programs for end-users and organizations, announced today that two of its certificate programs have entered the American National Standards Institute (ANSI) Certificate Accreditation Program (CAP).

The new ANSI-CAP program accredits certificate issuing bodies against the new American National Standard " ASTM E-2659, "Standard Practices for Certificate Programs." This new accreditation program is a "sister" accreditation program to the ANSI Accreditation Program for Personnel Certification Bodies, which has been in place for a number of years and accredits personnel certification issuing bodies against the ISO/IEC 17024 standard, "General Requirements for Bodies Operating Certification of Persons."

Both the SCIPP International Certificate of End-User Security Awareness (EUSA) and the SCIPP International Certificate of Secure Web Application Development Awareness (SWADA) programs are participating in ANSI-CAP. The SCIPP International EUSA Certificate Program awards certificates to end-users who participate in the annual general security awareness course and successfully pass the SCIPP EUSA Post-Assessment. The SCIPP International SWADA Certificate Program awards certificates to Web application developers who participate in the annual Web application development security awareness course and successfully pass the SCIPP SWADA Post-Assessment.

"We are very excited and honored to have the opportunity to participate in the new ANSI Certificate Accreditation Program representing the security awareness community," said Dow A. Williamson, CISSP, CSSLP, executive director of SCIPP International. "The leadership and foresight of ANSI to marshal together the certificate issuing bodies within the United States for this first-of-its-kind effort has begun the process of clearing up the confusion surrounding certificates for employees."

With a lack of nationwide regulation, oversight or monitoring consistently applied to all awareness, training, and/or education bodies that offer certificates and no nationally recognized set of criteria to evaluate the quality of these programs, employers are unclear about the meaning of certificates. Specific guidelines are needed to differentiate among certificate programs with varying levels of rigor, and to determine how they differ from professional personnel certifications. ANSI-CAP aims to meet this need by providing neutral, third-party accreditation that a given certificate program meets ASTM E2659-09, a voluntary consensus standard that describes the characteristics of a quality certificate program.

Other certificate issuing bodies participating in the ANSI-CAP accreditation pilot include the Federal Employee Benefits Specialist, Inc. (FEBSI), the Food and Drug Administration (FDA) Office of Regulatory Affairs (ORA), Division of Human Resources (DHRD) and the U.S. Army Combat Readiness/Safety Center (USACRSC), among many others.

"ANSI-CAP will provide neutral, third-party attestation that a given certificate program meets an American National Standard and promotes better educated and qualified workers," said Roy Swift, Ph.D, senior director of personnel credentialing accreditation programs. "It is also expected to provide quality benchmarks for the design of future certificate programs. With these evaluations and benchmarks in place, workers and employers will be better able to determine the value and meaning of individual personnel certificates. We are extremely pleased to have SCIPP International representing the national security awareness and training community for the pilot phase of this program."

For more information on SCIPP International, its mission and its security awareness and certificate programs, visit www.SCIPPinternational.org. For more information regarding ANSI, visit www.ansi.org.

About ANSI The American National Standards Institute (ANSI) is a private non-profit organization whose mission is to enhance U.S. global competitiveness and the American quality of life by promoting, facilitating, and safeguarding the integrity of the voluntary standardization and conformity assessment system. Its membership is comprised of businesses, professional societies and trade associations, standards developers, government agencies, and consumer and labor organizations. The Institute represents the diverse interests of more than 125,000 companies and organizations and 3.5 million professionals worldwide. The Institute is the official U.S. representative to the International Organization for Standardization (ISO) and, via the U.S. National Committee, the International Electrotechnical Commission (IEC), and is a U.S. representative to the International Accreditation Forum (IAF). About SCIPP International SCIPP International is a global non-profit organization dedicated to addressing information security awareness problems where they are most prevalent " at the human level. Based in Vienna, Virginia, USA, with offices in London and Hong Kong, SCIPP offers compliance and organizational risk mitigation through its world-class security awareness training programs for web application developers as well as enterprise level certification programs for end-users and consumers. All SCIPP courses are based upon the SCIPP GAP " the common body of knowledge describing SCIPP's 10 generally accepted best business practice areas vetted by an international advisory board of leading experts. More information is available at www.SCIPPinternational.org.