The two current titles of professional registration for Security Testing are:

1. Chartered
2. Principal

Having more than one title enables individuals to attain a certain breadth and depth of competence and commitment, and then either to stay with that title or to chart a route towards Chartered professional registration should they wish to do so. Please ensure your application evidence meets the standard for the level you apply for.

Demonstration of Professionalism

The Council will maintain one Register including all specialisms. Each specialism will have assessment criteria defined by the Council and an associated assessment guide.

Post Nominals

Post nominals are used as recognition that the individual meets the UK standard for Cyber Security Professionals.   The Council professional registration post nominals are:

1. ChCSP – Chartered Cyber Security Professional
2. PCSP – Principal Cyber Security Professional

Evidence Standard to be considered for interview.

As part of ensuring you are suitable to take to interview, we need to assess you application evidence in line with the published SPCC standards. We will either invite you for an interview or seek further information from you related to the application.

Any examples you provide in this application should reflect your real-world experience as a consultant and as such will demonstrate several of the competencies in the Professional Standards (A1-3, B1-3, C1-4, D1-4) appropriate to the professional level applied for. E1-4 is to be evidenced separately as it relates to your personal development and professional commitment to the cyber security profession.  All competencies must be covered in the evidence provided.

Examples used in evidence need to relate to the professional standard you are applying for. As an example:

• Evidence for the award of Chartered status must have evidence is drawn from a wide range of consultancy examples (and knowledge disciplines) gained over several years to demonstrate the necessary Depth of experience within the chosen specialism.

You must provide one study which covers all the competencies in the UKCSC SPCC standard.

Please think quality rather than quantity in your responses.  We are measuring your ability as a consultant to be concise and impactful in your written evidence. Quality, Relevance, and Impact.  Your attestation may be subject to review and an interview if the assessor(s) identify gaps.

Your application form will  contain personally identifiable information (PII) and as such will be handled and managed in line with DPA18 and EU GDPR regulations.

By completing this application form online, the applicant consents to the data being collected and passed to The Cyber Scheme for processing.

Should an individual not wish this form to be completed and processed as part of their application for Chartered status they will be given the option to fill in an off-line form and attend an in-person interview.

Applicants are required to represent a truthful account that they meet the competence requirements to be considered for professional registration. 

Please Note: It is important that the attestation is an accurate reflection of the applicants Knowledge, Skills, and Abilities to undertake Tasks (KSAT) as The Cyber Scheme’s assessment process will include  random verification in line with the UK Cyber Security Council’s professional standards processes.

For the purposes of this process a referee/attester is defined as a person willing to Attest in writing that the applicant has the knowledge, skills, and abilities (competence) required for the level of professional membership sought. The referee/attester will ideally be a member of a professional body and have signed a code of ethics with that body. 

If the applicant is or has been employed by more than company, individuals from each of those companies will need to complete an attestation if associated with any evidence provided.

The applicant must ensure any referee/attestor has read the application prior to its submission to The Cyber Scheme. Applications will be rejected if they are not signed by an appropriate individual.