CompTIA Security Trustmark

The Trustmark concept was first proposed at a strategic planning meeting in early 2007. CompTIA's Board of Directors noted a market need for CompTIA to assist Solution Providers in developing best business practices. After the concept was approved, three phases of research were conducted to determine its feasibility, as well as the type of Trustmark that was important to Solution Providers. Results from Harris Interactive research suggested a Trustmark focused around security practices.

Trustmark Definition
The CompTIA Security Trustmark accredits those Solution Providers who promote security business practices that invoke the trust of end-users. It is a baseline standard of security practices and competencies as agreed upon by the service and support industry. The CompTIA Security Trustmark requires Solution Providers to keep a comprehensive report of internal security processes and processes at customer sites. It also requires reports of their security level skills/certifications, security vendor product training/knowledge, and overall IT capabilities that relate to security practices. Businesses that apply for the CompTIA Security Trustmark will be subject to validation during the application process, which includes random on-site audits. Once an organization is accredited, Solution Providers must demonstrate their security performance and commitment through annual re-certification.

The CompTIA Security Trustmark provides the framework for foundational best practices in security. It represents a network of Solution Providers actively engaged in enhancing the quality of security practices in their service, support, and managed services and support operations. The CompTIA Security Trustmark is designed with the objective to remain vendor-neutral, provide a return on investment for all parties involved, and give value to the overall IT industry.

Next Steps
To ensure its success, the CompTIA Security Trustmark needs continued support from the industry. Learn more about the Security Trustmark and how you can get involved. You may also contact Richard Rysiewicz at rrysiewicz@comptia.org or 630-678-8358, or Wayne Freer at wfreer@comptia.org or 630-678-8426.