Governance Structure

Members sit at the heart of everything we do. Our governance structure is designed to ensure that we democratically represent the diverse nature of our member companies, their international interests and the technical cyber security disciplines around which our industry is based.

Our umbrella body is CREST International which is registered in the UK as a not-for-profit company limited by guarantee. Our strategy is aligned to that of nurturing global capability, capacity, consistency and community and is not tied to any country-specific agenda.

We offer central services in support of our regionally-based chapters. These services include accreditation, certification, governance, communication and much else.

Our Regional Chapters currently cover four global regions: the Americas, Asia, Australasia and EMEA. The UK is our fifth and founding chapter.

Each chapter is served by an elected council drawn from member companies operating in the region.

We currently have an Americas Council, an Asia Council, an Australasia Council, an EU Council and a UK Council.

The chairs of the five regional councils sit on the International Council which also comprises international representatives of each of the primary industry disciplines as well as senior members of CREST International staff.

Responsibility for the day-to-day running of CREST International is the responsibility of a senior management team.

We, our members and those holding our certifications are governed by a series of strict codes and policies which you can access via the links on the right of this page.

The individual chapters each have elected councils to manage the country-specific interests of member companies. The councils encourage buyers to use our member companies for added reassurance of quality of service and to encourage the upskilling of technical cyber security professionals in the region.