Articles of Association

CREST is a not for profit organisation and is governed by Articles of Association as a company limited by guarantee without share capital.  The Articles provide the governance and structure for CREST and are available to potential members, on request, as part of the membership application pack.

The Articles declare CREST’s objective is “to represent the Information Security Industry”.

In order to achieve this, CREST will:

  • offer a demonstrable level of assurance of the processes and procedures of member organisations
  • validate the competence of technical information security testers
  • promote the application of high quality, secure information security testing, response, design and other services
  • make available an up to date list of accredited organisations who have the resources, experience and appropriate qualifications to deliver these services
  • maintain a register of individuals who have successfully achieved the technical qualifications required to ensure competency in these services
  • enforce Codes of Conduct for accredited individuals and organisations
  • ensure that accredited individuals and organisations remain abreast of emerging trends and new technologies
  • disseminate information deemed of interest and relevance to members, qualified individuals and other appropriate organisations
  • work closely with skills organisations, academia and training bodies to develop a structured approach for entry into the industry
  • establish professional development pathways
  • promote good practice and standards internationally

The Articles of Association are also supported by a legally-binding suite of Bye-Laws that determine the day-to-day operation of CREST.