IT security consultants could be facing similar regulations to those in the physical security industry under guidelines due out in March.
The Security Alliance for Internet and New Technologies (Saint), formed in December 2001, is working with the government to define guidelines for the IT security industry.
It will finally publish its recommendations in two months' time.
The not-for-profit group is funded by the IT industry and seeks to develop security best practice.
"The government is looking at whether we need professional standards," said Saint chairman Nick Coleman.
"In the working group we are looking at the requirements now. We have looked at a number of the technical qualifications, but this is not good enough for many companies.
"No conclusions have been reached as yet but, if we do go down this route, it will be on a not-for-profit basis."
The Private Security Industry Act 2001, designed to regulate bouncers and wheel clampers, outlines a system for the statutory regulation of the private physical security industry.
Measures include gaining qualifications, being on a register and undergoing criminal background checks.
Proposals to include information security professionals within the framework attracted controversy in spring 2001 when the then Home Office minister Charles Clarke refused to rule out the idea.
But IT security professionals have come round to the need for more regulation.
David Griffiths, partner with law firm Clifford Chance, said: "It seems quite likely that the whole IT consultancy industry will shortly be covered by a new regulatory framework.
"If you are in that industry, you should be getting involved in the process now."
Connexin drops out of Ofcom auction due to start next week
SwiftKey users now send two billion emoji every week
Recruitment plans are 'most ambitious ever', claims Openreach HR director Kevin Brady
Samsung's under-the-hood improvements separate the S9 from the pack when it comes to the display