Tips from an Assessor

Kim Croft ChCSP, Live Service Lead, Security Incident Response Team at DWP, is an Assessor for the Incident Response specialism for The Cyber Scheme. Kim has provided some excellent tips for maximising success during a Professional Title application.

Tip 1 – Understand the UK Cyber Security Council’s ‘Vision & Mission’

It’s important, before you start your application, to be clear what you’re hoping to achieve from it and know what it means for you and your career. Familiarise yourself with the work of the UK Cyber Council. Visit their website and spend a little time reading about their vision and mission, paying particular attention to the following pages:

https://www.ukcybersecuritycouncil.org.uk/professional-standards-registration

https://www.ukcybersecuritycouncil.org.uk/professional-standards/specialism-roadmap

Ensure that you understand the role of the UK Cyber Security Council, its objectives and more importantly what it means to be an accredited Cyber Security Professional.

The most common misconception we have come across is that people think it’s a course, or an exam to be passed, and another certification to gather. It isn’t any of those things.

Tip 2 – Choose the right level

The Council has developed a comprehensive Standard for Professional Competence and Commitment (SPCC), which you will need to thoroughly read before submitting your application. Irrespective of the specialism, you will be assessed against that standard at the level you apply for. It’s important to choose the correct level at this stage to avoid your application being rejected. The four levels are Associate, Practitioner, Principal and Chartered.

Use the comparison tables across the five competency areas in the SPCC to help you identify which level you believe you are currently at, and where there are areas that you may wish to develop. Be realistic and apply at a level that is appropriate. You can then take time to work on areas that you need to strengthen; when you are ready and your additional experience can be proved, you can apply at a higher level.

Make sure that your evidence aligns to the standard or identify areas that you may need to work on and develop.

Tip 3 – Select the correct specialism

Our assessors have indicated that they are surprised that individuals applying for specialist accreditation lack the necessary evidence to demonstrate that they have knowledge, understanding and experience in the specialism they have chosen. We have identified a few reasons why this could be an issue:

  • The Council have not yet launched all of the specialisms they have identified, meaning people have chosen a specialism that is ‘near’ their discipline in the belief that they can probably display ‘enough’ knowledge to gain a title.
  • Individuals looking to access DSIT funding have been keen to proceed quickly to qualify for funding and may have either rushed their decision making or their application and have chosen the wrong route.

Our advice is, think practically. If you’re applying for professional accreditation in a specialism – you are effectively saying that you are specialist in that area, so be realistic about the knowledge, skills and experience that you can evidence.

If you can’t see your specialism on the roadmap yet, it’s a good idea to start gathering your evidence in preparation for launch. The SPCC is the same irrespective of your chosen specialism.

Tip 4 – Show you’re a specialist!

We cannot stress enough how important it is to use the contextual information provided by the Council to provide inspiration for your evidence. Every live specialism has a comprehensive contextual information document. Use it to give you ideas and inspiration of how to demonstrate your competence across the five key areas in the context of your role.

You will be assessed across 5 competency areas.

  • A – Knowledge, Understanding & Experience
  • B – Communications & Interpersonal Skills
  • C – Collaborative Management, Leadership & Mentoring
  • D – Integrity
  • E – Personal Commitment

Our assessors want to see a demonstration of how you are a specialist across all five competency areas, not just in the A section. Fill your application with a variety of examples to demonstrate the breadth and depth of your experience in your chosen area.

Tip 5 – Choose your route carefully

There are currently two routes for application. Route A is a written application followed by an interview; Route B is a written application supported by an employer attestation.

We understand you may be apprehensive about an interview but would like to point out that route A is more of a professional discussion, and not a formal process. It provides you with an opportunity to sit down with a Cyber Professional who has similar experience to yourself and spend an hour talking about your application and other examples and evidence that support it. It really should be a time to shine and an opportunity for you to show case your expertise. Route A increases your opportunity to demonstrate that you are competent. If you prefer to choose Route B please keep in mind that your written evidence really must be excellent, attributable and that your attestor has a legal obligation to be honest about your experience.

Tip 6 – Take your time

You will have heard a lot about accreditation over the last few months and may feel that there is pressure to progress an application now. We’re keen to promote the benefits of accreditation and encourage individuals to pursue an application, however it’s important to accept that your specialism might not be live yet, or that you are possibly focusing on other aspects of career development.

The four levels give everyone an opportunity to start at a stage they are comfortable with but there is no pressure to rush at the process before you’re ready and in fact this can be detrimental to your application. Looking at the SPCC, decide how you can gather your evidence portfolio and document examples, and highlight where the gaps are and what you need to develop. You can then set your own timeline and work at a pace that suits you.

We understand that for some people, crafting a written application can be challenging – don’t underestimate how long that might take you. Some of our applicants take a ‘little and often’ approach, some set a strict deadline and do it in a compressed amount of time. The most important thing is that before submission you are satisfied that your application is as strong as it can be.

Tip 7 – Be a STAR

Our application guidance (link) advises you to complete your application using the STAR method – Situation, Task, Action Result. Our assessors strongly recommend that you follow this method. Make it as easy as possible for them to understand what you did and more importantly why it mattered. Focus on the result. Be specific about what actions you took personally and tell us what the outcome was. For Principal and Chartered levels, we’ll be looking at explanations about why it contributed to improved cyber security within the organisation and even within the wider profession.

Tip 8 – Prepare to talk about it

Don’t be nervous about your professional discussion but do prepare. The meeting is not intended to trip you up, but to provide an opportunity for you to showcase how you are a Cyber Security Professional.  Know your examples inside and out and be prepared to go into detail, say what you did, say what you learned, what could have gone better. Prepare alternative examples. Remember this is a professional discussion but it is going to draw out what you have put on the form and perhaps highlight what is missing. If you suspect an area of your form is ambiguous or weak, your assessor is undoubtedly going to think the same, so do consider other evidence that supports your competency and experience.

TiP 9 – Adopt a growth mindset

Don’t be disheartened if you’re asked for more evidence or offered an alternative level to the one you applied for. When our assessors recommend a title award, they have to be satisfied that the applicant has demonstrated the right level of competence in the correct specialist area for the title they are seeking. If the assessor is  in doubt, you may be asked to strengthen your application with additional written evidence before interview. It may be that an alternative specialism is more appropriate. In any of these cases, the assessor will be quite specific as to why you they been unable to progress your application, so use that information to inform your next steps.

Don’t be put off – there is always a way forward and the assessor will help you to understand what areas you may need to focus on in terms of developing your application.

Tip 10 – Reflective practice (record CPD)

Demonstration of commitment to Continuous Professional Development (CPD) is an integral and mandatory part of the competency requirements for all cyber security practitioners irrespective of role or specialism, and is a commitment expected from all Registrants awarded a professional registration title.

CPD may involve structured activities such as courses, distance learning programmes, private study, preparation of papers and presentations, mentoring, involvement in professional body activities, or relevant voluntary work. It may also involve on-the-job professional experience, and in some cases technical assessments.

Registrants must commit to the planning and recording of their own CPD. It should be reflective and, where possible, relate to specific objectives. It must also be relevant to the specialism you are registered in.

The Council currently asks for 25 hours of CPD completed each year totalling 75 hours over a three-year period. We believe that if you are diligent about recording the multitude of learning opportunities available, this should not be difficult to achieve. The important thing to remember is that any audit will rely on your recording of your CPD. So, start today, develop a new habit. Set up a log and spend a few minutes after each learning session adding it to your list and reflecting on how it will help your development. Make it routine so that it becomes second nature. Be proud of your continuing development and clear in recording your achievements. This will ensure that revalidation of your professional title, and renewal of your place on the register, is never at risk.

Facebook
Twitter
LinkedIn
Email
WhatsApp
Picture of Editorial Team

Editorial Team

All Posts »

We know it’s sometimes easier to talk on the phone. If you’d like someone from The Cyber Scheme to call you to discuss anything, please click below:

We work in partnership with:

NCSC logo
CiiSec logo
UK Cyber Security logo

Email us   |   Floor 7, Eagle Tower, Montpellier Drive, Cheltenham GL50 1TA   |  Privacy, Quality and InfoSec Policies   |   Booking Conditions

Facebook Twitter Linkedin
Skip to content