Certified Cyber Professional (CCP) - the certification framework by NCSC for competent Information Assurance (IA) professionals.
Please bear with us whilst we update this website and relevant information, to the new NCSC branding.
"The National Cyber Security Centre (NCSC) is committed to the CCP scheme which over the last 5 years has set the skills benchmark for cyber security professionals. The growing demand for cyber security expertise in the private and public sectors means that CCP needs to evolve to help the NCSC meet the challenge of making the UK the safest place to live and work online.
"The first step we’re making in CCP's evolution is to review what evidence people will need to present to demonstrate their competence and gain certification in future. For those already certified this will be done in a way that allows a transitional period. We will keep you informed of our progress."
GCHQ's Certified Professional (CCP) scheme, delivered through the NCSC, is a certification framework for competent Information Assurance (IA) professionals. Individuals can choose to be certified in one or more specified IA roles, at several levels of competency.
CCP certification will enable you to demonstrate to an employer that you possess the competencies, knowledge and skills needed to be an IA professional. CCP has been acknowledged as HMG’s standard for cyber security professionals. NCSC is the UK Government’s National Technical Authority for Information Assurance. APMG is working with NCSC to deliver the Certified Professional scheme.
CCP enables improved matching between the public and private sector requirements for IA professionals and the capability and competencies of individuals to perform common IA roles.
The framework was developed by CESG (now NCSC) in consultation with government departments, industry, academia, members of the CESG Listed Advisor Scheme (CLAS), and the NCSC approved certification bodies.
With the growing prevalence of cyber-criminals and more frequent attacks on organizations’ sensitive information assets, the UK Government has made it a top priority to strengthen the UK’s cyber security defences.
NCSC is working in co-operation with other government departments to address the UK’s shortage of skilled cyber-security professionals – Certified Professional was developed as part of this initiative.
CCP is aimed at IA professionals working in both the private and public sectors. It allows for knowledge, experience and skills to be demonstrated at several levels of competence. Certified Professional can help organizations when selecting IA professionals for assignments and it can be used to guide professional development of employees.
- Independent verification and formal recognition of your IA skills and competence.
- Better matching between public and private sector requirements for IA expertise and the competence of individuals providing such expertise.
- Clearer career path development.
- You are part of a recognized and growing professional body from which employers can recruit.
- CCP is a requirement for NCSC approved IA/cyber security consultancy.
- Provides employers with the confidence that Certified Professional individuals will have been independently and rigorously assessed.
- Certified Professionals will have demonstrated their expertise in IA/cyber security.
- Use of the scheme in-house to ensure development of own practitioners.
- Use of the scheme to influence suppliers to employ certified professionals to help reduce exposure to supply chain risks and gain confidence in supplier’s ability to manage risks to your and their information effectively.
Candidates interested in the CCP scheme can choose to be certified in one, or more of the following IA roles:
- IA Auditor
- Communications Security Officer/Crypto Custodian
- IT Security Officer/Information Security System Manager/ Information Security System Officer
- Security and Information Risk Advisor
- IA Architect.
The certification scheme features three levels for each of these roles. The levels are Practitioner, Senior Practitioner, and Lead Practitioner.
Our assessment process for all roles and levels will be interview based, incorporating feedback from referees who you have worked for or alongside, in order to determine whether you meet the competencies expected of the role. The entire process is online.