The consortium comprises the Chartered Institute of Information Security (CIISec), the Council of Registered Ethical Security Testers (CREST), and Royal Holloway's Information Security Group (RHUL), with CIISec certifying competency, CREST providing examination for the more technical roles and RHUL supporting with their experience in setting rigorous and consistent assessment processes.
Applicants select the specialism that they want to be assessed against and create a case study that details the work that they have conducted for customers in the context of that specialism. There must be sufficient evidence of an applicant’s practical ability in the professed specialism, therefore up to two case studies may be submitted. All case studies should demonstrate.
• The candidate’s technical abilities through the specialism.
• How the candidate delivered the needs of the client ethically and professionally, making clear their duties/activities.
• How the candidate ‘closed the loop’ and communicated security and risk effectively to organisations and users.
Applications will be assessed and if the requirements have not been met applicants will be given one chance to resubmit after being provided with feedback to assist. When the case study has been accepted applicants will then undertake an interview which will be approximately two hours long.
Two levels can be awarded: the lower level Associate Cyber Professional, or the higher level, Certified Cyber Professional. The award is for 3 years but revalidation is required after 18 months by providing a log of continuing professional development (CPD) and continuing professional education (CPE).