What is the Certified Cyber Professional (CCP) assured service?
The CCP assured service has been developed by the NCSC in consultation with government, industry and academia to address the growing need for specialists in the cyber security profession, and sets the standard for UK cyber security professionals.
Changes to the CCP assured service
Following a pilot, the CCP assured service has changed. When CCP was originally introduced, people were certified in cyber security roles. After listening to feedback from users and professionals, NCSC has decided to refresh and streamline the assessment process to focus more closely on critical skills. As a result, candidates will now be recognised in specialisms instead of roles.
Please note: NCSC will honour the expiry date on role certifications already awarded. No-one will be required to hold both a role and a specialism certification for the same cyber security activity. Revalidations (involving the submission of CPD evidence) at the 18-month point for existing CCP role certifications will continue as normal until July 2022.
If you have any queries, please contact email@example.com.
How do the existing and new CCP assured service compare?
The new assessment process for CCP specialisms is significantly different from that previously adopted for CCP roles.
|6 skills based roles|
|Risk Management and Security Architecture specialisms have launched, and an Auditor specialism is scheduled to follow later in 2022.|
The CCP assured service guidance can be found on the NCSC website:
Submit an application to have your experience recognised
If successful in the assessment process to determine your CCP level (which includes a comprehensive interview), you will be able to:
Take your place on the public CCP register and gain wider recognition for your competence and experience
Validate your cyber security credentials and your role in protecting your organisation’s assets
Take up a year’s free BCS membership when you gain this recognition (offer available to non-members only)
Join a community of practitioners raising standards and building the reputation of the UK’s cyber profession
What’s involved in the application process?
To apply for CCP, you will need to ensure you have one of the following foundational pre-requisites:
- An NCSC-certified degree (undergraduate or postgraduate) or
- A valid certificate for Certified Information Systems Security Professional (CISSP), including full membership of (ISC)² or
- A valid certificate for Certified Information Security Manager (CISM), including full membership of ISACA or
- Full membership of the Chartered Institute of Information Security (CIISec) or
- Proof of having passed an appropriate NCSC internal skills level assessment or
- Proof of having completed an internal NCSC professional development framework (for example for cyber security architecture).
- For Security Architecture only, NCSC Certified Cyber Security Scheme head consultants and NCSC staff members holding a minimum of security architecture skill 6.4 level 3 may vouch for the foundational knowledge of applicants with whom they have worked in the previous 2 years for a period of no less than 12 months.
Please note that no exemptions can be granted for the above.
A case study will be required as part of each application (exemplars are available within the guidance notes). Applications will undergo a review with our assessors, and subject to a successful review, applicants will be requested to attend an interview.
The (online) interview will consider an applicant’s general consultancy skills and their technical abilities against the specialism. The duration of the interview is approximately two hours.
How much does it cost?
The application fee is £2,550.00 +VAT.
When will my certification expire?
Your CCP specialism recognition is valid for three years subject to revalidation.
To revalidate you’re required to provide CPD evidence demonstrating that you’re maintaining your skills in your certified specialism / level. If it’s deemed that you no longer meet the requirements for your specialism, as set out by the NCSC, your recognition will be withdrawn.
What is the National Cyber Security Centre?
A part of GCHQ, the NCSC is the UK’s technical authority for cyber incidents and threats, working collaboratively with other law enforcement, defence, the UK’s intelligence and security agencies and international partners to help make the UK the safest place to live and work online.
Get in touch
We’re here to help with any queries you have about becoming a Certified Cyber Professional.
Call us on +44 1793 417 722 or email firstname.lastname@example.org
We take customer feedback very seriously and always act promptly to investigate any appeals: