Revisions: | ||
Date issued: | Author: | Description: |
| First Introduction | |
Assessor Criteria
IASME requires that anyone who applies to become a Cyber Baseline Assessor must have a suitable level of skills in cyber security. They must also attend the appropriate Assessor Training Course for the category of Assessor they wish to attain.
There are two categories of Assessor:
Cyber Baseline Level 1 Assessor
Cyber Baseline Level 2 Assessor
An individual can be just a Cyber Baseline Level 1 Assessor. They can then progress to become a Cyber Baseline Level 2 Assessor, but must become a Level 1 Assessor first.
They need to meet the entry skill requirements and have attended the appropriate training course and passed the associated training course exam.
The required skills for each level of Assessor are defined against the CyBOK skills frameworks (where possible) and require a broad spread of cyber security knowledge to enable skilled judgements to be made on an organisation’s answers to the assessment questions.
1 Cyber Baseline Level 1
All Cyber Baseline Level 1 Assessors must have at least three years’ experience in either an Information Technology or Cyber Security role.
In addition, all Cyber Baseline Level 1 Assessors must complete and pass the IASME Assessor Skills Assessment exam unless they meet List A below. The exam allows candidates who hold relevant skills and experience but do not hold one of the above certifications or memberships an opportunity to demonstrate their skills. The exam contents and marking scheme will be agreed between NCSC and IASME and periodically updated.
List A
Achieve and maintain one of the following certifications:
ISC2 Certified Information Systems Security Professional (CISSP)
ISACA Certified Information Security Manager (CISM)
ISO27001 Lead Auditor
All new assessors will be required to meet the above requirements before attending the Cyber Baseline Level 1 Assessor Training Course.
2 Cyber Baseline Level 2
Every Certification Body that offers Cyber Baseline Level 2 must, at all times, have at least one Cyber Baseline Level 2 Assessor who holds at least one of the certifications in List B.
List B
CREST Registered Penetration Tester
CREST Certified Infrastructure Tester
EC-Council Certified Penetration Testing (CPENT)
Offensive Security Certified Professional (OSCP)
3 Ongoing development
All assessors are required to attend any update training and ongoing development activities as specified by IASME when required.
© The IASME Consortium Ltd 2023 All rights reserved