Join Today Find a supplier
About Us icon
icon
Regions icon
icon
SET UP A NEW CHAPTER

Get more info about setting up a new chapter in your area.

Get started
Membership icon
icon
Register your skilled professionals

We are launching a new dimension to our accreditation process that allows member companies to register individual employees with us and gain personal CREST IDs.

Read More
Certification icon
icon
HOW TO BOOK AN EXAM

Find out how to book an Exam in your region.

Book today
Education & Careers icon
icon
EXPLORE YOUR CAREER PATH IN CYBER SECURITY
Get Started
Buyer Services icon
icon
Knowledge Hub icon
icon
About Us icon
Regions icon
Membership icon
Certification icon
Education & Careers icon
Buyer Services icon
Knowledge Hub icon

Discipline requirements

The general company application is split into some key areas:

  • General company details
  • Human Resource management, including vetting
  • Use of contractors
  • Quality policies and procedures
  • Information Security policies and procedures
  • Contract management
  • Complaint handling

This application is only completed once and will copy across to all disciplines applied for.

Each discipline has its own separate application form and we look for your specific methodologies for delivering the service you are applying for.  The areas we review for each discipline include:

 

Penetration Testing:

  • Certified individuals
  • Language capability
  • Preparation & scope
  • Assignment execution
  • Post technical delivery
  • Asset/Information/Document Storage, Retention and Destruction

 

STAR Intelligence-Led Penetration Testing:

  • Certified individuals
  • Organisational structure for service delivery
  • Language capability
  • Methodology
  • Data Storage and Transmission Controls
  • Threat intelligence
  • Reporting
  • Data Retention / Destruction

Cyber Security Incident Response:

  • Certified individuals
  • Language capability
  • Assignment
  • Presentation
  • Identification
  • Containment
  • Eradication
  • Asset/Information/Document Storage, Retention and Destruction
  • Reporting

 

STAR Threat Intelligence: 

  • Certified individuals
  • Language capability
  • Quality
  • Intelligence Collection, Processing, Delivery and Management
  • Information sharing
  • Deliverables
  • Data Retention / Destruction

Security Operation Centre:

  • Certified individuals
  • Language capability
  • Organisational environment
  • Customer requirements
  • Technology & tools
  • Event analysis & response
  • Threat Intelligence & Situational Awareness
  • Protect the SOC

Vulnerability Assessment:

  • Certified individuals
  • Preparation, planning & scoping
  • Tools & resources
  • Scan execution
  • Reporting

Some of the CREST disciplines and schemes have additional steps.

  • VA Accreditation – technical assessment that will test your capability and use of tools.
  • SOC Accreditation – onsite audit which is a verification step to ensure all methodologies, procedures and policies submitted are in use within the SOC.  This is conducted by an appropriate auditor with CREST.
  • Schemes – some have interview stages and others may require you to register onto procurement frameworks with your CREST details.
Enquire about discipline accreditation Accreditation overview