CREST is a not-for-profit accreditation body that represents the technical information security industry. As part of this, CREST provides internationally recognised certifications for organisations and individuals providing penetration testing, cyber incident response and security architecture services. Member companies undergo a rigorous assessment and certification process that looks at methodologies, legal and regulatory standards, staff vetting and data handling. CREST qualified individuals have passed challenging professional level examinations that demonstrate their knowledge, skill and competence. Company assessments and individual qualifications are underpinned by a strict and enforceable code of conduct.
All CREST examinations and processes have been reviewed and approved by NCSC, a part of GCHQ, the UK Government Communications Headquarters. CREST has member companies in a number of countries and a formally established Chapter in Australia.
Find out more about CREST here