Buying & Building Cyber Services icon
Back
Membership & Accreditation icon
Back
Skills, Certifications & Careers icon
Back
News, Events & Research icon
Back
About Us icon
Back
Login to profile
Join Today Find a Supplier

The Accreditation Pathway

What is The Accreditation Pathway?

The CREST community is made up of a diverse spectrum of organisations, each operating across different geographical areas and at various stages of maturity and scale. This includes cyber service providers that offer established services, as well as those that are newer to both the field and the accreditation process.

To support local cyber service providers that are at the earlier stages of quality assurance, we have developed The Accreditation Pathway to help them advance against internationally recognised standards.

The Accreditation Pathway is a supportive process that takes an eligible organisation through its natural growth stages from early stage (Pathway) through to Accreditation, recognising their ability to meet predefined standards of quality and maturity using varying types of checks and assurance. It also provides an opportunity for organisations to progress on to CREST Membership.

The Accreditation Pathway has three stages which can be followed in order or combined depending on the organisation's maturity, with each phase progressing from the foundations laid by its predecessor.

Please note: The Accreditation Pathway will be piloted in The CREST Cyber Accelerated Maturity Programme CREST CAMP) and subsequently made more widely available to organisations across the world.

The Accreditation Pathway model

The Accreditation Pathway stages in more detail

Stage One - Pathway

 

This initial stage brings you into the CREST ecosystem, gaining access to the community, information, events and exam discounts amongst other benefits (please see the benefits drop-down below).

 

This stage involves a registration process to enable us to identify your organisation and requires you to sign-up to the CREST Code of Conduct. By registering you are making a commitment to developing your professional standards and working towards an eventual CREST accreditation.

 

You will be provided with a Pathway logo for your use and listed on the CREST website along with other Pathway companies – at this stage it is important to ensure that you only present your organisation as Pathway and not as a CREST Accredited Member.

 

Pathway organisations are required to advance to Pathway+ within two years of achieving this.

Stage Two - Pathway+

 

 

The Pathway+ stage builds on the Pathway stage, enabling you to learn more about the requirements of CREST standards and to measure your progress.

 

This stage involves your organisation conducting a self-assessment against both the CREST organisational standards (which relate to the maturity of your company in areas such as quality control and information security practices) and at least one cyber discipline standard. You will be asked to rate your development stage against a series of objectives, provide commentary and confirm the availability of evidence.

 

You will then formally attest to the accuracy of your self-assessment and submit it. CREST will not independently review the results at this stage, instead, there is a development tool for you and a mechanism to prepare effectively for a future accreditation and membership application.

 

You will be provided with a Pathway+ logo for your use and listed on the CREST website along with other Pathway+ companies – at this stage it remains important to ensure that you only present your organisation as Pathway+ and not as a CREST Accredited Member.

 

Pathway+ organisations are required to advance to CREST Membership within two years of achieving this.

Stage Three - CREST Member

 

The Member phase represents the formal application and awarding of CREST Accreditation and Membership. Your organisation is required to submit a detailed Accreditation application for independent review, accompanied by appropriate evidence to support your submission, including the formal registration of your employees delivering services on your behalf to demonstrate they are suitably competent and qualified.

 

You can find out more about CREST Membership on our dedicated page.

 

Please note: CREST Membership is not guaranteed for all participating organisations of The Pathway to Accreditation.

Benefits for Pathway, Pathway+ and CREST Members

 

BenefitPathwayPathway+CREST Member
Showing your customers your commitment to independent quality assurance
Demonstrate commitment to globally recognised standardsBlue tick iconBlue tick iconBlue tick icon
Demonstrate independent validation of the organisation’s company status and commitment to CREST’s code of conductBlue tick iconBlue tick iconBlue tick icon
CREST Pathway logo: demonstrate registrationBlue tick icon--
CREST Pathway+ logo: demonstrate self-assessment against CREST’s globally recognised standards-Blue tick icon-
CREST Member & accreditation logos: Demonstrate independent assurance of methodologies, processes & skills--Blue tick icon
Growing your business
Listed on the CREST websiteBlue tick iconBlue tick iconBlue tick icon
Access international opportunities where CREST accreditation is established or a requirement--Blue tick icon
Searchable on the CREST website to customers via supplier selection functionality--Blue tick icon
Supporting your development
Access to CREST standards to identify target stateBlue tick iconBlue tick iconBlue tick icon
Access to guides, research and support materialBlue tick iconBlue tick iconBlue tick icon
Self-assessment with a gap analysis report, to help identify improvement areas and progress towards membership-Blue tick icon-
Access to funded development programmes to accelerate maturity-Blue tick icon-
Access to mentoring support from CREST member companies-Blue tick icon-
Being an active part of the community
Access to the CREST discipline aligned communities for penetration testing, incident response, SOC, red teaming and threat intelligenceBlue tick iconBlue tick iconBlue tick icon
Receive newsletters and industry insightsBlue tick iconBlue tick iconBlue tick icon
Influencing CREST’s global agenda
Eligible to stand for and vote in CREST Focus Group & Regional Council elections, with potential to sit on the International Council--Blue tick icon
Vote at the Annual General Meeting--Blue tick icon
CREST discounts
Free vacancy listing on the CREST website--Blue tick icon
Discounted training with selected training partners--10%
CREST exam discount (select exams only)10%15%30%
CRESTCon ticket discount10%30%x2 free
Discounts for low-income countries
CREST Practitioner level exam discount50%50%50%

Requirements

 

ActivitiesPathwayPathway+CREST Member
Organisational details registeredBlue tick iconBlue tick iconBlue tick icon
Basic company requirements metBlue tick iconBlue tick iconBlue tick icon
Company signed code of conductBlue tick iconBlue tick iconBlue tick icon
Commitment to working towards CREST standardsBlue tick iconBlue tick icon-
Self-assessment against CREST company & 1+ discipline standards -Blue tick icon-
Full company requirements independently reviewed and met--Blue tick icon
Full discipline requirements independently reviewed and met (1+ disciplines)Blue tick icon
Skilled persons register completed by all in scope individualsEncouragedStrongly encouragedBlue tick icon
Minimum one region subscribed to--Blue tick icon

 

The Pathway is open to organisations across the world that meet the relevant requirements.