IA professionals are assessed and certified using a combination
of written submission, examinations and expertinterviews depending
on the role and level applied for.
*The Skills Framework for the Information Age (SFIA) is the UK
Government backed competency framework that describes IT roles and
the skillsneeded for them. SFIAplus contains the SFIA framework of
IT skills plus detailed training and development resources. The
result is the most established and widely adopted IT skills,
training and development model that reflects current industry
needs.
Certifying excellence in information assuranceBCS, The Chartered
Institute for IT, has been appointed by CESG, the information
assurance arm of GCHQ,to provide a certification scheme
forinformation assurance (IA) specialists.
The CESG Certified Professionalscheme enables all those working
in IAto demonstrate their professionalismand skills, providing a
clear careerpath with opportunities to progress ininformation
assurance.
About the schemeThe scheme certifies that IA specialists have
the experience andcompetencies required to carry outtheir role
effectively and to consistentlyhigh standards.
By providing a means of independentassessment and verification,
our certification scheme raises professionalism and confidence in
the industry, and supports a more consistent and robust approach to
IA.
The scheme focuses on certifying IAspecialists against the roles
identifiedby CESG within IA, articulating the skillsrequired for
the roles and aligningthose skills against the SFIA/SFIAplus(Skills
for the Information Age) competency framework and the IISP
framework.
Certification is available across allroles, providing IA
specialists with a defined path that encourages continuous
professional development.
The roles are shown in the diagramopposite, which also
illustrates the assessment criteria required at eachlevel of
certification.
CCP allows me to carry out my role with professionalism, and
gain recognition from colleagues,customers and the IT security
industry.William Davies Information Security Consultant
Vodafone
Step one: RegistrationRegister your personal details andapply
for the relevant roles/levels.
Step two: Written assessmentProvide your written submission
detailing your experience in the role(s)applied for.
Step three: Examinations For Practitioner achieve the
commoncertificate(s) in information securitymanagement principles.
Ensure thatyou hold any mandated qualifation forthe Penetration
Tester role.
Step four: Expert interviewFor Senior Practitioner, Principal
Practitioner and Lead Practitioner establish experience, competence
andinfluence in the role(s) applied for.
Step five: Assessment evaluation Final evaluation, decision,
feedbackand, if successful, award of CESG Certified
Professional.
Find out more at bcs.org/ia
Assessment and verification
Security and Information Risk Advisor
IA Architect
Accreditor
IA Auditor
IT Security Officer
Communications Security Officer (ComSO)
Penetration Tester
IA roles
Membership grade Professional
Chartered ProfessionalAssociate Fellow
Practitioner SeniorPractitionerPrincipal
Practitioner
SFIAplus* levels 7654321
Written submissionand exam1
LeadPractitioner
Written submission
and interview
Written submission
and interview
Only applicable for Penetration
Tester role
Written submission,mandated
qualification2and interview
Written submission,mandated
qualification2and interview
1Applicants must have passed the BCS Certificate in Information
Management Principles or an industry equivalent.2Applicants must
hold at least one mandated qualification as outlined in the CESG
standard framework bcs.org/ia
THE BENEFITS
For IA specialists Fast-track application for CITP status
Certifies you for specific IA roles and skills required within
the public and private sector Independent verification of your
competence to perform
an IA role Develops your IA skills and competencies Incorporates
widely accepted and proven best practices Demonstrates your
commitment to your professional
development Offers you industry-recognised professional
credentials Supports career progression in IA, offering a clear
development path Aligned with SFIA/SFIAplus and IISP skills
framework BCS membership available supporting self-initiated
development
For employers Certification helps you employ the right people
with the
right skills and expertise for the job Provides expertly trained
employees who support the
integrity of your IA policies, procedures and practices
Increases customer confidence, both internal and external
Reinforces business continuity and compliance Raises
professionalism within your organisation Aligned with SFIA/SFIAplus
providing a clear development
path for your IA specialists Fast-track application for CITP
status Supports and encourages career progression amongst
employees
Raising the level of professionalism within information
assurance (IA) is central to ensuring our vital information
assetsare protected and public confidence in IT is maintained.
Whether you are an IA professional, are considering a career in
IA or are involved in the recruitment or training of IA
specialists, the CESG Certified Professional scheme offers you many
benefits.
bcs.org/ia
Information assurance certification from the experts
The Institute offers extensive experience and expertise in
professional certification and the assessment of IT excellence.
We provide career support to IT professionalsaround the world
through our range of professionaldevelopment services including our
highly relevant BCS Professional Certification portfolio,
ourbenchmark Chartered IT Professional registrationand our IT
skills and competency framework SFIAplus.
In todays information led society, information assurance affects
every IT professional. This is reflected in the strength of our
6000-strong IA community and our relationships and relevanceacross
government and private sectors.
ProfessionalismProfessionalism is central to our vision of
equippingIA specialists with the capabilities they need to meetthe
demands of our fast-moving industry.
Our unique position as the standards authority for IT,means we
are ideally placed to assess and verify IA knowledge, skills and
competence and, building onour expertise, weve developed a
transparent yet rigorous scheme to do so.
BCS The Chartered Institute for ITFirst Floor Block D North Star
House North Star Avenue Swindon SN2 1FAT +44 (0) 1793 417 722
bcs.org/ia
BCS, The Chartered Institute for IT is the business name of The
British Computer Society (Registered charity no. 292786) 2014
If you require this document in accessible format please call
+44 (0) 1793 417 600
BC92
8/LD
/LEA
F/10
14
CESG Certified Professional scheme
About BCS, The Chartered Institute for ITWere championing the
global IT profession by giving practitioners the career development
support they deserve. Through our certification and professional
development portfolio, we set the professional standards in the
industry, guiding practitionersthrough their careers and providing
employers with expertly trained people that add value to the
business.
