Buying & Building Cyber Services icon
Back
Accreditation Pathway & Membership icon
Back
Skills, Certifications & Careers icon
Back
News, Events & Research icon
Back
About Us icon
Back
Login to profile
Join Today Find a Supplier

NCSC (CHECK)

Home  »  NCSC (CHECK)

CHECK is a UK Government programme under which the National Cyber Security Centre (NCSC), which is part of the Government Communications Headquarters (GCHQ) approves cyber security service providers to carry out authorised penetration tests of public sector and critical national infrastructure (CNI) systems and networks.

Companies providing CHECK services must do so allocating staff who hold UK Cyber Security Council (CSC) approved titles and have suitable experience. These are:

  • All CHECK Team Leaders (CTL) must hold a UK CSC Professional Title at a minimum of Principal level.
  • All Team Members (CTM) must hold a UK CSC Professional Title at a minimum of Practitioner level.

For CHECK scheme purposes, the former requirement to pass relevant exams every three years in order to remain in the scheme no longer applies (please read details below about the Primary CTL requirements). Instead, all CTLs and CTMs must maintain their Council Professional Title, which includes adhering to the Continuous Professional Development (CPD) revalidation requirements as set out by the UK CSC where candidates are required to undertake 75 hours of CPD over a three-year cycle.

The CPD process is administered on UK CSC’s behalf by CREST and other Licensed Bodies including the revalidation process required every three years.

Requirements for the Primary CTLs

The requirement for the Primary CTL on any CHECK engagement to be qualified in the relevant discipline (Web Applications or Infrastructure) for the test has not changed. This means that whatever exam discipline a CTL used to prove Competency A for the award of their Professional Title, is the discipline which companies must enter on the CHECK Supplier Portal. Anyone wishing to work in both disciplines must have initially passed a CREST or equivalent exam recongnised by NCSC in both disciplines and maintain that technical competence – evidenced by continuing to hold a UK CSC Professional.

More information on UK CSC Professional Titles and how we can support can be found on our dedicated page: Professional Titles

More information on the CHECK scheme can be found at CHECK – penetration testing – NCSC.GOV.UK.

ASSURE CBEST GBEST iCAST NCSC (CHECK) NCSC (Cyber Incident Response) NPSA TBEST TIBER EU UKCSC (CCP)