The Directive highlights the growing importance the DoD places on the
capabilities and professionalism of those working in the mission-critical
areas of information technology and information assurance. Kim
Greenizan , Securac's Information Security Manager. BSI facilitated and published the first commercial
standards to address quality management systems, environmental management
systems, occupational health and safety management systems, project management
and information security management.
For more information on Securac's product and service offerings, e-mail
info@securac.

tuv psb

4217 standardization

psb mvo

National
Committee , of the IEC -- subsequently adopted ISO/IEC 17024 as an American
National Standard.
global competitiveness and the American quality of life by promoting,
facilitating, and safeguarding the integrity of the voluntary
standardization and conformity assessment system. To determine
continued compliance with BS7799-2:2002, BSI will periodically conduct routine
surveillance audits of Securac's operations .
Companies can gain certification to BS7799-2:2002 by implementing an
information security management system (ISMS) that identifies information
security risks, and implementing appropriate controls to manage those risks." It also demonstrates that our focus remains on the security
of our customer 's information and that we are continuously monitoring our
business operations to ensure that it remains safe."
"Securac has always been committed to providing our customers with the
highest levels of surety and confidence that their information is secure"
states Terry Allen, Securac's Chief Executive Officer.

tickit mvo

The DoD-referenced standard was first approved in 2003 when it received the
endorsement of more than eighty nations who hold membership on the
International Organization for Standardization (ISO) and the International
Electrotechnical Commission (IEC).

The United States, via ANSI , was also the first nation to launch an
accreditation program for personnel certification bodies based upon ISO/IEC
17024. "Not only are we proud
of this certification, our development team leveraged this engagement to
customize our compliance software for BS7799.

(remember isoceles triangles from school, meaning equal sided), and is valid in English, French and Russian, the three official languages of ISO.

baldrige 17025

member of the ISO and, via the U.

standardizing baldrige

"We are proud to have this high level recognition from the federal
government of the importance of accredited personnel certification," said
Lane Hallenbeck, ANSI vice president of accreditation services. Comprised of
businesses, professional societies and trade associations, standards
developers, government agencies, and consumer and labor organizations, the
ANSI Federation represents the diverse interests of more than 125,000
entities and 3.
"For a company of our size and complexity, developing an information
security management system was an incredible undertaking," stated Dr.

tickit 14001

Securac is the first company in Canada to successfully complete the
BS7799-2 audit process.
More than 112 'Global 500' companies have chosen BSI as their preferred ISO
9000, ISO/TS 16949, ISO 14001 or BS7799 registrar.
BSI, Inc. is headquartered in Reston, Virginia, with offices in Toronto,
Canada, and Mexico City, Mexico to serve the North American market. Reference is made to the Company's
Annual Report on Form 10-KSB for the year ended December 31, 2004 for a
description of these, as well as other, risks and uncertainties.

tantara psb

S. Two of the nine personnel certification organizations currently
accredited by the Institute provide information assurance certifications
that would qualify under the DoD Directive. We are very proud to have gained
certification.

bvqi qs9000

1M.

ANSI is a private non-profit organization whose mission is to enhance U .

In addition to ISO and IEC, the Institute is also a member of the
International Accreditation Forum (IAF), the Pacific Area Standards
Congress (PASC) and the Pan American Standards Commission (COPANT). BSI's registration
experience covers virtually every industrial and commercial sector (i.

14000 standardization

personnel certification agencies have never been
independently evaluated by a third party.5 million professionals worldwide.

mvo as9000

S.S.

17799 3166

The U. The American National Standards Institute
(ANSI) -- the official U.

standardizing mvo

The requirement
is based upon international standard ISO/IEC 17024, Conformity assessment
-- General requirements for bodies operating certification of persons,
which stipulates the guidelines for assessing independent personnel
certification programs.S.

9100 qs

Securac Earns Certification From British Standards Institute

OB) is pleased to announce the successful completion of its
BS7799 -2:2002 certification from BSI Management Systems, an information
security management systems registrar .
The standards were originally developed by British Standards Institute and
later adopted by the International Organization for Standardization (ISO). "Securac's staff worked
hard to document their processes, while other employees also performed
internal audits to ensure conformance.

9100 14048

Code to permit the Services to use appropriated funds
to pay for commercial credentials for military personnel. ANSI
has offices in New York City and Washington, DC.

About BSI Management Systems
BSI is the world's leading quality management systems registrar.net or call toll free (877) 328-7220.

The mission of ISO is to promote the development of standardization and related activities in the world with a view to facilitating the international exchange of goods and services, and to developing cooperation in the spheres of intellectual, scientific, technological and economic activity.

17025 as9000

This is the federal
government's first venture into mandating increased accountability from
personnel certification bodies. BSI is
truly a pioneering organization.

The International Organization for Standardization (ISO) is a worldwide federation of national standards bodies from some 100 countries , one from each country.

bvqi nsai

S. CALGARY, Alberta, Securac Corp. AMR Research estimates that compliance to standards and
regulations such as Sarbanes Oxley is an $80 billion market alone".
Securac 's proprietary Acertus(TM) platform embodies a proven risk
management methodology using industry accepted analytics in conjunction with
extensive threat, vulnerability, risk mitigation and industry governmental
regulation datasets.

Statements in this Press Release that are not statements of historical
fact, including statements regarding potential market size, constitute
"forward-looking statements " within the meaning of the Private Securities
Litigation Reform Act of 1995.

standardizing 14048

PRESS RELEASE U.S. Department of Defense Becomes First Federal Agency to Mandate Compliance With Global Criteria for Personnel Credentialing

L. Certification to BS7799-2:2002
reinforces to customers through an independent third-party , that Securac
operates an effective ISMS, in accordance with the requirements of the
standard .

ISO is a non-governmental organization established in 1947.

ISO is not an acronym for International Organization for Standardization, but a Greek word meaning equal.

tantara dnv

Current estimates indicate that as many as ninety
percent of U. "We look
forward to working with the certification agencies and companies in
bringing value to their customers with the assurance that an independently
evaluated certification credential has meaning. This software along with our
qualified consultants now positions Securac to further grow our professional
services capabilities by assisting others in preparing for BS7799
certification.
Securac's principal office is located in Calgary, Alberta and it maintains
sales offices in Edmonton, Toronto, Vancouver, San Mateo and Washington DC.

3166 notified

Department of Defense (DoD) is now
requiring its agency personnel and contractors who perform certain
Information Assurance functions to be certified by credentialing bodies
that have been independently accredited by a third party.
("Securac") (SECU.
The BS7799-2:2002 and ISO 17799-1:2000 standards, establish the
requirements for an internationally recognized information management system.

14000 9004

"

The DoD requirement is in line with the federal government's reliance upon
voluntary consensus standards and conformity assessment programs, as called
for in the National Technology Transfer and Advancement Act (P. 104 -113). Securac began its registration process in February of
2005, which involved performing on-site assessments, examining Securac's
documented procedures, and auditing its overall operations.

standardization qs

About Securac
Securac's suite of risk management and compliance solutions enable
organizations to identify, measure and manage information and physical
security risks against international industry best practice standards and
compliance (such as ISO 17799) while determining their ability to meet the
legal requirements of numerous international and national legislative
enactments. These powerful benchmarking capabilities allow
enterprises to build a valid and enduring enterprise risk management and
compliance strategy. Such risks and uncertainties include but are
not limited to changing market conditions, the successful and timely
completion of financing, the establishment of corporate alliances, the impact
of competitive products and pricing, new product development and uncertainties
related to the regulatory environment.

9004 17025

S.
Another indication of DoD's dedication to the issue is the recent change to
Title 10 of the U.
The effectiveness of this system is then monitored on an on-going basis, along
with a continual review to the risks. Founded
in 1901, BSI has more than 45,000 registration clients in over 90 countries. It was the world's first national standards
body and a founding member of the International Organization for
Standardization (ISO). These forward-looking statements involve risk
and uncertainties which may cause the actual results, performance or
achievements of the Company, or industry results, to be materially different
from any future results, performance, or achievements expressed or implied by
such forward-looking statements.

standardizing 4217

The new
requirement became effective on December 19, 2005, with the signing of DoD
Directive 8570 .1 and its implementing manual 8570. Both ISO and IEC are membership
organizations comprised of the official national standards coordinators in
countries around the globe.
automotive, aerospace , chemical and allied processes, IT/software, service).