Text size
  • Small
  • Medium
  • Large
  • Standard
  • Blue text on blue
  • High contrast (Yellow text on black)
  • Blue text on beige

CCP Scheme

The CCP Scheme is the UK Government’s approved standard of competence for cyber security/IA professionals, and provides an independent assessment and verification process for those working in cyber security and Information Assurance (IA).

Licensed by NCSC (a part of GCHQ), the BCS assessment process enables cyber security/IA professionals to demonstrate they have the skills and experience required to carry out their role effectively and to a consistently high standard.

The scheme also provides those working in cyber security/IA with a clearly defined career development path. CCP certification is a requirement for the NCSC approved Certified Cyber Security Consultancy scheme.

Who are NCSC?

NCSC is a part of GCHQ, and was set up to help protect our critical services from cyber attacks, managing major incidents and improving the underlying security of the UK Internet through technological improvement and advice to citizens and organisations. The vision of NCSC is to help make the UK the safest place to live and do business online.

Who is the scheme aimed at?

The scheme is aimed at anyone working or looking to work in the field of information assurance. It covers six Cyber Security / IA roles at practitioner, senior practitioner and lead practitioner levels, which are aligned to levels 3, 4, 5 and 6 of the Skills Framework for the Information Age (SFIA):

  • Security and Information Risk Advisor
  • Cyber Security / IA Architect
  • Accreditor
  • Cyber Security / IA Auditor
  • IT Security Officer
  • Communications Security Officer

What is the application process?

The process involves rigorous independent assessment and requires good preparation. When you have decided which role and level you would like to apply for, read the additional information provided in the useful links section on the right to prepare your application. Start your application

Role: Practitioner Senior
Principal Lead
Security Information Risk Advisor
Written submission and exam*

Written submission and interview n/a

Written submission and interview

Cyber Security / IA Architect**
Cyber Security / IA Auditor
IT Security Officer
Communication Security Officer

* Applicants must have passed the BCS Certificate in Information Security Management Principles or an industry equivalent examination for all practitioner levels.

** BCS are not currently able to offer Lead Cyber Security / IA Architect.

For further details refer to CCP Scheme - qualification requirements.

How much does it cost?

There is an application fee for each role and level. There is a revalidation fee which applies after 18 months. There is an examination fee for practitioner applications. Information about fees

How long does my certification last?

Certification lasts for three years. Eighteen months into your certification period you must provide an updated CV and CPD evidence to ensure the skills in your certified role/level are being maintained.

What are the benefits of certification?

Can I become an assessor for this scheme?

Depending on your skills and experience, we would welcome your application to become an assessor for the CCP Scheme (click on the CCP Scheme tab).

Where can I read more?

You can read more in this leaflet and you may also find this case study of interest.

This qualification is not regulated by the following United Kingdom Regulators - Ofqual, Qualifications in Wales, CCEA or SQA.