Security Competency Gets Revamped

Microsoft revises Partner Competency, splitting it into two tracks for technical implementers and security management partners.

As a response to partners seeking help from Microsoft in its never-ending battle to keep customers secure, Microsoft Corp. says it has restructured the Security Solutions competency into two specializations with revised requirements.

In the process, Microsoft also sought an assist from outside its walls, partnering with two key security groups, the Information Systems Audit and Control Association (ISACA) and the International Information Systems Security Certification Consortium ((ISC)2).

Microsoft says it has taken a "technology agnostic" approach within its Security Solutions competency, splitting it into two specializations that address technical issues and the other that looks at security policy and risk management, governance, and auditing.

"Whether you’re working with Microsoft technology or providing security products, services or solutions — across the enterprise we want them to have a home in this program," said Thomas Dawkins, a group product manager involved in developing the security partner strategy, through a statement.

The technical track, Infrastructure Security, focuses on a partner's ability to implement and administer security measures to its customers. As part of the specialization's fulfillment, partners must have two employees on their staff who've earned IT security certifications. Microsoft this time around has tweaked the requirements: Rather than requiring staffers to both possess an MCSE: Security certification, Microsoft has added third-party certifications onto the requirements list.

Two of those certifications come from the (ISC)2, a vendor-supported security industry group that includes Microsoft among its board: Certified Information Systems Security Professional (CISSP) and Systems Security Certified Practitioner (SSCP).

Two others come from ISACA, an independent group who focuses on standards, IT governance, risk management and auditing: Certified Information Systems Auditor (CISA) and Certified Information Security Manager (CISM).

Employees who use those certifications toward fulfillment must also have passed Microsoft's exam 70-299: Implementing and Administering Security in a Microsoft Windows Server 2003 Network.

The other track targets a different kind of partner, one that Microsoft says is focused on providing security management services to its customers. The Security Management specialization, therefore is less technical and, in fact, doesn't require an MCSE: Security. Instead, the specialization requires two employees who've earned a CISSP, CISA, or CISM and have passed Microsoft exam 70-298: Designing Security for a Windows Server 2003 Network.

Both tracks also require three documented, security solutions-oriented customer references.

For details on the changes, go to To find out more about ISACA, go to More on (ISC)2 can be found at

About the Author

Michael Domingo has held several positions at 1105 Media, and is currently the editor in chief of Visual Studio Magazine.


  • The 2020 Microsoft Product Roadmap

    From the next major update to Windows 10 to the next generations of .NET and PowerShell, here's what's on tap from Microsoft this year.

  • 2020 Microsoft Conference Calendar: For Partners, IT Pros and Developers

    Here's your guide to all the IT training sessions, partner meet-ups and annual Microsoft conferences you won't want to miss. (Now updated with COVID-19-related event changes.)

  • Microsoft Closing Most of Its Retail Stores

    Microsoft on Friday announced a major shift in its retail operations, with plans to close most of its physical Microsoft Store outlets in favor of online sales.

  • Matrix

    Microsoft, Harvard Describe Joint Privacy Initiative

    To facilitate data sharing while still preserving data privacy, Microsoft and Harvard have embarked on a set of open source tool called the "OpenDP Initiative."

RCP Update

Sign up for our newsletter.

Terms and Privacy Policy consent

I agree to this site's Privacy Policy.