Certified Cyber Professional (CCP)

About the Scheme

As part of the Government's investment in cyber security, the IISP consortium has been appointed by NCSC, a part of GCHQ, to provide certification for UK Government Information Assurance (IA) professionals. The consortium has been awarded a licence to issue the Certified Professional (CCP) based on the IISP Skills Framework, as part of a certification scheme driven by NCSC.

The certification process is designed to increase levels of professionalism in Information Assurance and uses the established IISP Skills Framework to define the competencies, knowledge and skills required for specialist IA roles. Developed through public and private sector collaboration by world-renowned academics and security experts, the Framework has been adopted by GCHQ as the basis for its Certified Professional specification.

This builds on the IISP’s existing competency-based membership programmes, so not only will an individual be certified, but their areas of specialism will be recognised, offering the individual and their customers greater confidence that an individual has the right skills and experience for a role.

Scheme Structure

The scheme allows you to gain certification in one or more of the following roles:-
  • Accreditor
  • IA Architect
  • IA Auditor
  • Communications Security Family of Roles
  • Information System Security Officer (ISSO) / Information Security System Manager (ISSM) / IT Security Officer (ITSO)
  • Security & Information Risk Advisor (SIRA)
There are various levels of certification for each of the roles:-
  • Practitioner
  • Senior Practitioner
  • Lead Practitioner

About our Consortium 

The consortium comprises the Institute of Information Security Professionals (IISP), the Council of Registered Ethical Security Testers (CREST), and Royal Holloway's Information Security Group (RHUL), with the IISP certifying competency, CREST providing examination for the more technical roles and RHUL supporting with their experience in setting rigorous and consistent assessment processes.


Scheme Documentation

If you would like to find out more about the scheme, please see the following documentation from NCSC.

NCSC Certification for IA Professionals V5.4

CCP CPD & Surveillance V3.2

CCP Protocol Terms and Conditions V3.2


CCP Certifications are valid for 3 years. The single payment covers the application, annual administration of CCP CPD & Surveillance to maintain certification, IISP exclusive CCP briefings and on award you will achieve an aligned level of IISP membership accreditation. This will give you the right to use the post nominals of M.Inst.ISP or A.Inst.ISP and access to the associated IISP membership benefits.

   Application Fees †
Re-Certification Fees Additional Role Fees**
(covers 3 years)
IISP Member*
(covers 3 years)
(covers 3 years)
IISP Member 
(covers 3 years)





 Senior Practitioner
 £620 £600  £600  £150
 Lead Practitioner
 £720 £700  £700

 †  The above application fees entitle an applicant to apply for one role at that level. 

 * Discounts are available for employees of our Corporate Members.
** You can apply for one additional role when submitting an application.
*** An additional fee will be required to maintain Full Member status.

The IISP does not charge VAT

There may be additional charges should you change your CCP level or membership status during the 3 year certification period.
Certain IISP CCP roles have prerequisites that need to be met.