Regions icon
Membership icon
Certification icon

Discipline requirements

The general company application is split into several key areas:

  • General company details
  • Human Resource management, including vetting
  • Use of contractors
  • Quality policies and procedures
  • Information Security policies and procedures
  • Contract management
  • Complaint handling

This application is only completed once and will copy across to all disciplines applied for.

 

Each discipline has its own separate application form, and we assess your specific methodologies and processes for delivering the service you are applying for.

The key areas we review for each discipline include:

 

Penetration Testing:

  • Preparation & scope
  • Assignment execution
  • Post technical delivery
  • Asset/Information/Document Storage, Retention and Destruction

 

STAR Intelligence-Led Penetration Testing:

  • Certified individuals
  • Organisational structure for service delivery
  • Methodology
  • Data Storage and Transmission Controls
  • Threat intelligence
  • Reporting
  • Data Retention / Destruction

 

Cyber Security Incident Response:

  • Assignment
  • Presentation
  • Identification
  • Containment
  • Eradication
  • Asset/Information/Document Storage, Retention and Destruction
  • Reporting

 

STAR Threat Intelligence:

  • Certified individuals
  • Quality
  • Intelligence Collection, Processing, Delivery and Management
  • Information sharing
  • Deliverables
  • Data Retention / Destruction

 

Security Operation Centre:

  • Organisational environment
  • Customer requirements
  • Technology & tools
  • Event analysis & response
  • Threat Intelligence & Situational Awareness
  • Protecting the SOC

 

Vulnerability Assessment:

  • Preparation, planning & scoping
  • Tools & resources
  • Scan execution
  • Reporting

 

Some of the CREST Accreditations and schemes have additional steps.

  • VA Accreditation – technical assessment that will test your capability and use of tools.
  • SOC Accreditation – virtual onsite audit which is a verification step to ensure all methodologies, procedures and policies submitted are in use within the SOC. This is conducted by an appropriate auditor with CREST.
  • Schemes – some have interview stages and others may require you to register onto procurement frameworks with your CREST details.
Enquire about discipline accreditation Accreditation overview