About CREST

 

CREST in the UK was established in 2006. CREST examinations are recognised by the professional services industry and buyers as being an indication of knowledge, skill and competence. They are a high-level aspiration for those taking them and increasingly a mandated requirement for those hiring or buying services. CREST exams are broken down into three levels.

CREST provides a recognised career path right from your entry into the industry through to experienced senior tester level. We work with the largest number of technical information security providers who support and guide the development of our examination and career paths.

  1. The CREST Practitioner examinations are the entry level exams and are aimed at individuals with around 2,500 hours relevant and frequent experience.
  2. The CREST Registered Tester examinations are the next step and by passing this you are demonstrating your commitment as an information security tester. Typically, candidates wishing to sit a Registered Tester examination should have at least 6,000 hours (three years or more) relevant and frequent experience.
  3. The CREST Certified Tester examinations are designed to set the benchmark for senior testers. These are the certifications to which all testers aspire.

 

CREST
CREST Webinar

This FREE webinar introduces QA's recently-added CREST training and why delegates should take these certifications.

CREST Pathways

 

QA provide three CREST pathways for Penetration Testing, Incident Response and Security Architecture.

CREST Pathway

Security Architecture

BCS Practitioner Certificate in Information Assurance (IA) Architecture (PCiIAA)

Classroom
5 Days
QAPCIAA

BCS Practitioner Certificate in Information Assurance (IA) Architecture Online L

E-learning
QAPCIAAVBL

CREST vs CHECK

 

The UK National Technical Authority for Information Assurance, the NCSC, is part of GCHQ and traditionally provided IT health check services to identify vulnerabilities in IT systems and networks which may compromise the confidentiality, integrity or availability of information held on that IT system for HM Government in the UK and the wider public sector of systems handling protectively marked information. The IT Health Check Service (CHECK) was devised to supplement information assurance services provided by the NCSC and demand for these services has grown.

In line with similar NCSC initiatives, a special partnership with industry was deemed the most appropriate way of meeting this demand. The IT Health Check Service, or CHECK, was developed to enhance the availability and quality of the IT health check services that are provided to Government in line with UK Government policy. Companies belonging to CHECK are measured against high standards set by the NCSC.

The emergence of the CREST Scheme, company membership and professional qualifications, has allowed consideration of different ways of operating the scheme and presents an opportunity for CHECK to focus on that for which it was established: the provision of appropriately skilled staff to conduct IT Health Checks for Government.

The NCSC and CREST work in collaboration and CREST provides a set of examinations that are acceptable to industry and meet the requirements of private and public sectors. The NCSC requires all existing and future CHECK Team Leaders and Members to have passed an approved professional examination designed to test for a basic grounding in the discipline.

The NCSC will accept a pass from one of the following examinations when approving CHECK Team Leader and Team Member status.

CHECK Qualification

CHECK Team Member

CREST Qualification

CREST Registered Tester Examination

 

A pass in this examination merely demonstrates technical competence but does not replace the other requirements necessary to attain CHECK Team Leader/Member status.

In line with the CHECK process, any candidate failing an examination must wait for three months before re-sitting it.

More information on the CHECK scheme can be found at www.ncsc.gov.uk

CREST Exams

 

The CREST Examinations Overview page provides a synopsis on each CREST examination. Candidates are strongly advised to study the Notes for Candidates available on each examination page:

 

Useful Information for Candidates