ISSPCS has the following 9 strategic principles:

• Independent - no commercial bias to any vendor or group of vendors. The independence of the scheme is enhanced by its foundations being based on practiced fundamental security principles and robust theories rather that vendor, product or situation specific syllabi.
• Open - open to all IT and Systems security professionals.
• International- specific, custom modules will be available in various countries and regions. It will also be developed in accordance with international standards. Country-specific modules will be developed as demand dictates.
• Inclusive - which could incorporate feedback from a user community.
• Cost-effective - which would not be prohibitively expensive for IT security professionals to undertake.
• Updated - which is reviewed for changes in technology, best practice and community standards on a regular basis.
• Continuous - which requires regular evidence of continuing development.
• Professional - which does not simply rely on the regurgitation of a body of knowledge, but is instead founded on demonstrating an ability to apply process and methodology, as well as an understanding of security knowledge and techniques.
• Holistic - while this scheme is intended to be heavily IT focused, it is not exclusive to IT, since IT security must reflect the systems approach including physical, personnel and technological.